| Title | Seacms v11.6 has Delete any file in the foreground |
|---|
| Description | Seacms v11.6 has Delete any file in the foreground.
Website source address: https://github.com/seacms-net/CMS
Register and log in at the foreground, and then capture the package where the picture is uploaded.
Capture the package and then there is oldpic at the bottom of the package, which indicates the path under the root directory of the project, the default is uploads/user/a.png, modify it to the file path under the root directory and then delete any file |
|---|
| Source | ⚠️ https://github.com/xryj920/CVE/blob/main/DEL.md |
|---|
| User | DRXYJ (UID 46872) |
|---|
| Submission | 05/17/2023 06:09 (3 years ago) |
|---|
| Moderation | 05/27/2023 09:30 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 230081 [SeaCMS 11.6 Picture Upload member.php oldpic denial of service] |
|---|
| Points | 20 |
|---|