Shodan
Vulnerabilities
Vulnerable Software
Seacms:  Security Vulnerabilities
CVE-2024-6416
A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-06-30
CVE-2024-31611
SeaCMS 12.9 has a file deletion vulnerability via admin_template.php.
CVSS Score
9.1
EPSS Score
0.002
Published
2024-06-10
CVE-2024-30565
An issue was discovered in SeaCMS version 12.9, allows remote attackers to execute arbitrary code via admin notify.php.
CVSS Score
8.8
EPSS Score
0.026
Published
2024-04-04
CVE-2024-29275
SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.
CVSS Score
9.8
EPSS Score
0.618
Published
2024-03-22
CVE-2023-46987
SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php.
CVSS Score
8.8
EPSS Score
0.057
Published
2023-12-28
CVE-2023-50470
A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-12-28
CVE-2023-46010
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-10-25
CVE-2023-44846
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-10-10
CVE-2023-44847
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-10-10
CVE-2023-44848
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php component.
CVSS Score
8.1
EPSS Score
0.002
Published
2023-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved