PT-2018-13571 · Seacms · Seacms
Publicado
2018-09-04
·
Atualizado
2018-10-25
·
CVE-2018-16444
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
SeaCMS version 6.61
Description
An issue was discovered in SeaCMS, where the
adm1n/admin reslib.php file has a Server-Side Request Forgery (SSRF) vulnerability via the url parameter.Recommendations
For SeaCMS version 6.61, consider restricting access to the
adm1n/admin reslib.php file to minimize the risk of exploitation. Avoid using the url parameter in the affected file until the issue is resolved.Exploit
Correção
SSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Seacms