MichaelWayneLIU

5 exploits Active since Jun 2018
CVE-2018-12431 WRITEUP MEDIUM WRITEUP
SeaCMS V6.61 - Stored Cross-Site Scripting via Site Name Parameter
SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page).
CVSS 4.8
CVE-2018-14910 WRITEUP HIGH WRITEUP
SeaCMS v6.61 - Remote Code Execution via IP Address Field
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
CVSS 8.8
CVE-2018-16444 WRITEUP CRITICAL WRITEUP
SeaCMS 6.61 - Server-Side Request Forgery via URL Parameter
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
CVSS 9.1
CVE-2018-16445 WRITEUP CRITICAL WRITEUP
SeaCMS < 6.61 - SQL Injection via tid Parameter
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.
CVSS 9.8
CVE-2018-16446 WRITEUP HIGH WRITEUP
SeaCMS <= 6.61 - Unauthenticated Arbitrary File Deletion via bakfiles Parameter
An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
CVSS 7.5