Shodan
Vulnerabilities
Vulnerable Software
Seacms:  Security Vulnerabilities
CVE-2025-6864
A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-29
CVE-2024-40570
SQL Injection vulnerability in SeaCMS v.12.9 allows a remote attacker to obtain sensitive information via the admin_datarelate.php component.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-17
CVE-2025-44073
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-06
CVE-2025-44072
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-44074
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-44071
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-05-05
CVE-2025-4256
A vulnerability classified as problematic was found in SeaCMS 13.2. This vulnerability affects unknown code of the file /admin_paylog.php. The manipulation of the argument cstatus leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-05-05
CVE-2025-3797
A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-04-19
CVE-2025-3792
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /admin_link.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-04-18
CVE-2025-29647
SeaCMS v13.3 has a SQL injection vulnerability in the component admin_tempvideo.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-04-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved