Shodan
Vulnerabilities
Vulnerable Software
Seacms:  Security Vulnerabilities
CVE-2023-44169
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_notify.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-44170
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ping.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-44171
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_smtp.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-44172
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_weixin.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-43216
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ip.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-09-27
CVE-2023-43222
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-09-27
CVE-2023-43278
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-09-25
CVE-2023-37124
A stored cross-site scripting (XSS) vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-06
CVE-2023-37125
A stored cross-site scripting (XSS) vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-07-06
CVE-2023-2926
A vulnerability was found in SeaCMS 11.6 and classified as problematic. This issue affects some unknown processing of the file member.php of the component Picture Upload Handler. The manipulation of the argument oldpic leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230081 was assigned to this vulnerability.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-05-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved