Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-02-25
Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database.
CVSS Score
8.8
EPSS Score
0.002
Published
2025-02-25
SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component.
CVSS Score
9.8
EPSS Score
0.007
Published
2025-02-24
Seacms <=13.3 is vulnerable to SQL Injection in admin_members.php.
CVSS Score
9.8
EPSS Score
0.002
Published
2025-02-24
SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext().
CVSS Score
9.8
EPSS Score
0.017
Published
2024-12-18
An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php.
CVSS Score
9.8
EPSS Score
0.02
Published
2024-07-05
A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-12-28
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-10-10
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-10-10