EUVD-2018-8190

Malware in sbrugna...

SeaCMS Code Execution Vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A code execution vulnerability exists in SeaCMS version 6.61, which originates from the 'parseIf' function in the include/main.class.php file...

CVE-2018-16343

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

CVE-2018-16343

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

CVE-2018-16343

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...

CVE-2018-16343

SeaCMS 6.61 contains a remote code execution flaw: the parseIf() function in include/main.class.php fails to block use of $GLOBALS, enabling attackers to run arbitrary code. This has been documented across multiple sources (CNVD-2018-19075 and NVD/NVD-derived entries) and is tied to SeaCMS’s PHP ...

seacms search.php code execution vulnerability

function parseIf$content if strpos$content,'if:'=== false return $content; else $labelRule = buildregx"if:.? .? end if","is"; $labelRule2="elseif"; $labelRule3="else"; pregmatchall$labelRule,$content,$iar; $arlen=count$iar0; $elseIfFlag=false; for$m=0;$mparseStrIf$strIf; $strThen=$iar2$m;...