漏洞描述
CatfishCMS(鲶鱼)系统是一款开源的内容管理平台。CatfishCMS(鲶鱼)系统 Request.php 存在代码执行漏洞。攻击者可通过该漏洞在服务器端任意执行代码,写入后门,获取服务器权限,进而控制整个web服务器。
CatfishCMS(鲶鱼)系统 Request.php 代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2023-23897: Ozette Plugins - Cross-Site Request Forgery
- POC CVE-2024-20404: Cisco Finesse - Server-Side Request Forgery (SSRF)
- POC CVE-2025-10211: ChanCMS <= 3.3.0 - Server-Side Request Forgery
- POC te-cl-http-smuggling: Basic TE.CL - HTTP Request Smuggling
- POC bentoml-ssrf: Bentoml - Server Side Request Forgery
- POC gradio-image-ssrf: Gradio Image Component - Server-Side Request Forgery
- POC 用友nc soapRequest.ajax 命令执行漏洞
- 泛微 OA E-Cology deleteUserRequestInfoByXml 文件读取漏洞(CVE-2023-2806)
- POC CVE-2014-4210: Oracle Weblogic - Server-Side Request Forgery
- POC CVE-2015-8813: Umbraco <7.4.0- Server-Side Request Forgery
- POC CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery
- POC CVE-2017-18638: Graphite <=1.1.5 - Server-Side Request Forgery
- POC CVE-2017-8046: Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution