PT-2018-13571 · Seacms · Seacms
Published
2018-09-04
·
Updated
2018-10-25
·
CVE-2018-16444
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
SeaCMS version 6.61
Description
An issue was discovered in SeaCMS, where the
adm1n/admin reslib.php file has a Server-Side Request Forgery (SSRF) vulnerability via the url parameter.Recommendations
For SeaCMS version 6.61, consider restricting access to the
adm1n/admin reslib.php file to minimize the risk of exploitation. Avoid using the url parameter in the affected file until the issue is resolved.Exploit
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Seacms