SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-27
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-09-25
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-11-16
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
CVSS Score
9.8
EPSS Score
0.084
Published
2020-12-21
Page 3