SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-27
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-09-25
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-16
A cross-site scripting (XSS) vulnerability has been discovered in the login page of SeaCMS version 11 which allows an attacker to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2021-05-28
Page 3