Loading
ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string.
Use CWE-89, Thinkphp vendor hub and Thinkphp product page to widen CVE-2018-16385 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2025-63888, CVE-2025-50707 and CVE-2025-50706 for nearby disclosures in the same product family.