Описание
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:seacms:seacms:13.2:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02144
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method.
EPSS
Процентиль: 84%
0.02144
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-94