Shodan
Vulnerabilities
Vulnerable Software
Seacms:  >> Seacms  >> 12.9  Security Vulnerabilities
CVE-2024-39027
SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-07-05
CVE-2024-6416
A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-06-30
CVE-2024-31611
SeaCMS 12.9 has a file deletion vulnerability via admin_template.php.
CVSS Score
9.1
EPSS Score
0.002
Published
2024-06-10
CVE-2024-30565
An issue was discovered in SeaCMS version 12.9, allows remote attackers to execute arbitrary code via admin notify.php.
CVSS Score
8.8
EPSS Score
0.026
Published
2024-04-04
CVE-2024-29275
SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.
CVSS Score
9.8
EPSS Score
0.68
Published
2024-03-22
CVE-2023-46987
SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php.
CVSS Score
8.8
EPSS Score
0.057
Published
2023-12-28
CVE-2023-46010
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-44169
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_notify.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-44170
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ping.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-44171
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_smtp.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved