Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
There is a remote code execution vulnerability in SeaCMS 12.9. The vulnerability is caused by phomebak.php writing some variable names passed in without filtering them before writing them into the php file. An authenticated attacker can exploit this vulnerability to execute arbitrary commands and obtain system permissions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SeaCMS 安全漏洞
Vulnerability Description
SeaCMS是海洋CMS(SeaCMS)公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。 SeaCMS 12.9版本存在安全漏洞,该漏洞源于phomebak. php在写入php文件之前写入一些传入的变量名而不对其进行过滤,经过身份验证的攻击者可以利用该漏洞执行任意命令并获得系统权限。
CVSS Information
N/A
Vulnerability Type
N/A