Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Seacms
(Seacms)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 75 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-08-05 | CVE-2025-50592 | Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player. | Seacms | N/A | ||
| 2025-04-18 | CVE-2025-3792 | A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /admin_link.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Seacms | 7.2 | ||
| 2025-04-19 | CVE-2025-3797 | A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Seacms | 7.2 | ||
| 2025-06-29 | CVE-2025-6864 | A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Seacms | N/A | ||
| 2025-06-17 | CVE-2024-40570 | SQL Injection vulnerability in SeaCMS v.12.9 allows a remote attacker to obtain sensitive information via the admin_datarelate.php component. | Seacms | N/A | ||
| 2025-05-05 | CVE-2025-4256 | A vulnerability classified as problematic was found in SeaCMS 13.2. This vulnerability affects unknown code of the file /admin_paylog.php. The manipulation of the argument cstatus leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Seacms | 5.4 | ||
| 2025-05-06 | CVE-2025-44073 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php. | Seacms | N/A | ||
| 2025-05-05 | CVE-2025-44071 | SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request. | Seacms | 9.8 | ||
| 2025-05-05 | CVE-2025-44072 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php. | Seacms | 9.8 | ||
| 2025-05-05 | CVE-2025-44074 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php. | Seacms | 9.8 |