{"id":13389725,"url":"https://github.com/SecWiki/CMS-Hunter","last_synced_at":"2025-03-13T14:31:55.648Z","repository":{"id":37677289,"uuid":"94102538","full_name":"SecWiki/CMS-Hunter","owner":"SecWiki","description":"CMS漏洞测试用例集合","archived":false,"fork":false,"pushed_at":"2018-12-20T06:44:47.000Z","size":9513,"stargazers_count":1740,"open_issues_count":1,"forks_count":522,"subscribers_count":105,"default_branch":"master","last_synced_at":"2025-03-11T00:48:38.420Z","etag":null,"topics":["cms-hunter","joomla","phpcms","wordpress"],"latest_commit_sha":null,"homepage":"https://www.sec-wiki.com/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SecWiki.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-06-12T14:01:12.000Z","updated_at":"2025-03-08T20:38:17.000Z","dependencies_parsed_at":"2022-07-14T21:46:52.770Z","dependency_job_id":null,"html_url":"https://github.com/SecWiki/CMS-Hunter","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecWiki%2FCMS-Hunter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecWiki%2FCMS-Hunter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecWiki%2FCMS-Hunter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecWiki%2FCMS-Hunter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SecWiki","download_url":"https://codeload.github.com/SecWiki/CMS-Hunter/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422601,"owners_count":20288488,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cms-hunter","joomla","phpcms","wordpress"],"created_at":"2024-07-30T13:01:28.892Z","updated_at":"2025-03-13T14:31:55.610Z","avatar_url":"https://github.com/SecWiki.png","language":"PHP","readme":"# CMS-Hunter\n\n### 简介\n\nContent Management System Vulnerability Hunter\n\n\u003e 说明：目前来看，本项目会进行长期维护，有修改的建议或者想法欢迎联系作者。\n\n***\n\n### CMS 漏洞列表\n\n\n\n#### Discuz\n\n- [Discuz_＜3.4_birthprovince_前台任意文件删除](Discuz/Discuz_＜3.4_birthprovince_前台任意文件删除)\n\n#### DedeCMS\n\n- [DedeCMS_v5.7_shops_delivery_存储型XSS](DedeCMS/DedeCMS_v5.7_shops_delivery_存储型XSS)\n- [DedeCMS_v5.7_carbuyaction_存储型XSS](DedeCMS/DedeCMS_v5.7_carbuyaction_存储型XSS)\n- [DedeCMS_v5.7_友情链接CSRF_GetShell](DedeCMS/DedeCMS_v5.7_友情链接CSRF_GetShell)\n- [DedeCMS V5.7 SP2后台存在代码执行漏洞](/DedeCMS/DedeCMS%20V5.7%20SP2后台存在代码执行漏洞)\n\n#### Drupal\n\n- [Drupal远程代码执行漏洞(CVE-2017-6920)](Drupal/Drupal远程代码执行漏洞(CVE-2017-6920))\n\n#### FineCMS\n- [FineCMS最新版5.0.8两处getshell](https://github.com/SecWiki/CMS-Hunter/tree/master/FineCMS/FineCMS%E6%9C%80%E6%96%B0%E7%89%885.0.8%E4%B8%A4%E5%A4%84getshell)\n\n#### Joomla!\n- [Joomla_3.7.0_SQL注入(CVE-2017-8917)](Joomla/Joomla_3.7.0_SQL注入(CVE-2017-8917))\n- [Joomla_3.4.4-3.6.3_未授权创建特权用户(CVE-2016-8869)](Joomla/Joomla_3.4.4-3.6.3_未授权创建特权用户(CVE-2016-8869))\n\n#### Metinfo\n\n- [metinfo多个漏洞](/Metinfo/MetInfo%20V5.1.7)\n\n#### Seacms\n\n- [SeaCMS v6.45前台Getshell 代码执行](https://github.com/SecWiki/CMS-Hunter/tree/master/seacms/SeaCMS%20v6.45%E5%89%8D%E5%8F%B0Getshell%20%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C)\n\n- [seacms6.54代码执行](https://github.com/SecWiki/CMS-Hunter/tree/master/seacms/seacms6.54%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C)\n\n- [seacms 6.55 代码执行](https://github.com/SecWiki/CMS-Hunter/tree/master/seacms/seacms%206.55%20%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C)\n\n- [seacms6.61 XSS](https://github.com/SecWiki/CMS-Hunter/blob/master/seacms/seacms6.61/seacms661.md)\n\n- [Seacms6.61后台getshell](https://github.com/SecWiki/CMS-Hunter/blob/master/seacms/seacms6.61/seacms.md)\n\n  \n\n#### Struts\n\n- [S2-048(CVE-CVE-2017-9791)](Struts/S2-048(CVE-CVE-2017-9791))\n\n#### ThinkPHP\n\n- [ThinkPHP_3.2.3-5.0.10_缓存函数设计缺陷](ThinkPHP/ThinkPHP_3.2.3-5.0.10_缓存函数设计缺陷)\n\n#### ThinkSNS\n\n- [ThinkSNS_V4 后台任意文件下载导致Getshell](/ThinkSNS/ThinkSNS_V4)\n\n#### WordPress\n- [WordPress_4.4_SSRF](WordPress/WordPress_4.4_SSRF)\n\n- [WordPress_4.7_Info_Disclosure](WordPress/WordPress_4.7_Info_Disclosure)\n\n- [WordPress_4.7.0-4.7.1_未授权内容注入](WordPress/WordPress_4.7.0-4.7.1_未授权内容注入)\n\n- [[Wordpress \u003c= 4.9.6 任意文件删除漏洞](https://github.com/SecWiki/CMS-Hunter/blob/master/WordPress/Wordpress%20%3C%3D%204.9.6%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E6%BC%8F%E6%B4%9E/Wordpress%20%3C%3D%204.9.6%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4%E6%BC%8F%E6%B4%9E.md)\n\n  \n\n#### PHPCMS\n- [PHPCMS_v9.6.0_SQL注入](PHPCMS/PHPCMS_v9.6.0_SQL注入)\n- [PHPCMS_v9.6.0_任意文件上传](PHPCMS/PHPCMS_v9.6.0_任意文件上传)\n- [PHPCMS_v9.6.1_任意文件下载](PHPCMS/PHPCMS_v9.6.1_任意文件下载)\n- [PHPCMS_v9.6.2_任意文件下载](PHPCMS/PHPCMS_v9.6.2_任意文件下载)\n\n#### WebLogic\n\n- [CVE-2017-3506 \u0026 CVE-2017-10271 XmlDecoder](https://github.com/SecWiki/CMS-Hunter/tree/master/WebLogic/CVE-2017-3506%20%26%20CVE-2017-10271)\n- [CVE-2018-2628 T3 Deserialize](https://github.com/SecWiki/CMS-Hunter/tree/master/WebLogic/CVE-2018-2628)\n- [CVE-2018-2628 bypassing CVE-2018-2893 T3 Deserialize](https://github.com/SecWiki/CMS-Hunter/tree/master/WebLogic/CVE-2018-2893)\n\n\n### 项目维护\n\n+ **ourren**(sina weibo \u003ca href=\"http://weibo.com/codesec\"\u003e@ourren\u003c/a\u003e)\n+ **Anka9080**(sina weibo \u003ca href=\"http://weibo.com/anka9080\"\u003e@Anka9080\u003c/a\u003e)\n+  **sie504** \n+  **Bearcat**\n\n### 免责说明\n\n请勿用于非法的用途，否则造成的严重后果与本项目无关。\n\n### 参考链接\n\n- [CxSecurity](https://cxsecurity.com)\n- [Seebug](https://www.seebug.org/)\n\n### 转载\n\n转载请注明来自 https://github.com/SecWiki/CMS-Hunter\n\n### 补充完善\n\n欢迎大家补充完善　[Anka9080@foxmail.com](Anka9080@foxmail.com)\n\n\u0026copy;\u003ca href=\"https://www.sec-wiki.com\" target=\"_blank\"\u003eSecWiki\u003c/a\u003e 2017\n","funding_links":[],"categories":["PHP","PHP (184)","LLM分析过程"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSecWiki%2FCMS-Hunter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSecWiki%2FCMS-Hunter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSecWiki%2FCMS-Hunter/lists"}