An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php.
CVSS Score
9.8
EPSS Score
0.026
Published
2024-07-05
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-10-10
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-10-10
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php component.
CVSS Score
8.1
EPSS Score
0.002
Published
2023-10-10
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-27
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-09-25
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-16
A cross-site scripting (XSS) vulnerability has been discovered in the login page of SeaCMS version 11 which allows an attacker to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-05-28
Page 2