Shodan
Vulnerabilities
Vulnerable Software
Seacms:  Security Vulnerabilities
CVE-2023-0960
A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-221630 is the identifier assigned to this vulnerability.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-02-22
CVE-2022-48093
Seacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parameter at admin_ ip.php.
CVSS Score
7.2
EPSS Score
0.015
Published
2023-02-01
CVE-2021-39426
An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-12-15
CVE-2022-43256
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-11-16
CVE-2022-28076
Seacms v11.6 was discovered to contain a remote command execution (RCE) vulnerability via the Mail Server Settings.
CVSS Score
7.2
EPSS Score
0.052
Published
2022-05-04
CVE-2022-27336
Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php.
CVSS Score
9.8
EPSS Score
0.036
Published
2022-04-27
CVE-2022-23878
seacms V11.5 is affected by an arbitrary code execution vulnerability in admin_config.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-02
CVE-2021-37358
SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component "admin_ajax.php?action=checkrepeat&v_name=".
CVSS Score
9.8
EPSS Score
0.016
Published
2021-08-18
CVE-2021-29313
Cross Site Scripting (XSS) vulnerability exists in SeaCMS 12.6 via the (1) v_company and (2) v_tvs parameters in /admin_video.php,
CVSS Score
6.1
EPSS Score
0.002
Published
2021-08-17
CVE-2020-28846
Cross Site Request Forgery (CSRF) vulnerability exists in SeaCMS 10.7 in admin_manager.php, which could let a malicious user add an admin account.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-08-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved