pysnow

Results 2 issues of pysnow

# Introduction

SeaCMS is a free, open-source website content management system written in PHP. The system is mainly designed to manage video-on-demand resources. SeaCMS 12.9 version has a remote code...

# Summary

SeaCMS v12.9 has an unauthenticated SQL injection vulnerability. It arises at /js/player/dmplayer/dmku/index.php?ac=edit, where SQL can be injected through the cid parameter, leading to disclosure of sensitive database information.

## Vulnerability description

![image](https://github.com/seacms-net/CMS/assets/29022490/a6758795-624f-48a3-b177-aebb5460ed2f)

There is a SQL injection in js/player/dmplayer/dmku/index.php; passing ac=edit invokes `$d->编辑弹幕($cid)`.

![image](https://github.com/seacms-net/CMS/assets/29022490/f2ddb0c2-02b6-40cc-8952-7c6b1ba7ff05)

![image](https://github.com/seacms-net/CMS/assets/29022490/5d475f3c-54f0-415c-993a-1346157de6d2)

The `编辑_弹幕` method performs no filtering, so cid, text, and color can all cause SQL injection.

## Vulnerability verification

![image](https://github.com/seacms-net/CMS/assets/29022490/0dd5d2ae-ba17-474c-876d-2b8b8097e07c)

3-second delay

![image](https://github.com/seacms-net/CMS/assets/29022490/92f6abbb-2ee0-48f9-b624-957853be789b)

6-second delay

## POC

```http
POST /js/player/dmplayer/dmku/index.php?ac=edit HTTP/1.1
Host: ip
User-Agent: Mozilla/5.0 (Windows NT...
```