Vulnerability Details CVE-2024-39027
SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 7.5