cumtxujiabin

2 exploits Active since Sep 2018
CVE-2018-16343 WRITEUP HIGH WRITEUP
SeaCMS 6.61 - Remote Code Execution via parseIf() GLOBALS Bypass
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
CVSS 7.2
CVE-2018-16344 WRITEUP HIGH WRITEUP
zzcms 8.3 - Unauthenticated Path Traversal and Arbitrary File Deletion via flv Parameter
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
CVSS 7.5