Shodan
Vulnerabilities
Vulnerable Software
Seacms:  >> Seacms  >> 13.3  Security Vulnerabilities
CVE-2025-10662
A vulnerability has been found in SeaCMS up to 13.3. The impacted element is an unknown function of the file /admin_members.php?ac=editsave. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This affects another injection point than CVE-2025-25513.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-09-18
CVE-2025-44073
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-06
CVE-2025-44072
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-44074
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
CVSS Score
9.8
EPSS Score
0.0
Published
2025-05-05
CVE-2025-44071
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-05-05
CVE-2025-3797
A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-04-19
CVE-2025-3792
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /admin_link.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-04-18
CVE-2025-29647
SeaCMS v13.3 has a SQL injection vulnerability in the component admin_tempvideo.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-04-03
CVE-2025-25802
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26
CVE-2025-25813
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_files.php.
CVSS Score
5.1
EPSS Score
0.001
Published
2025-02-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved