Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seacms seacms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-43278
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows malicious users to arbitrarily add an admin account.
Seacms Seacms
8.8
CVSSv3
CVE-2019-8418
SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
Seacms Seacms 7.2
8.8
CVSSv3
CVE-2018-14910
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
8.8
CVSSv3
CVE-2018-14421
SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v_pic) to /admin/admin_video.php (aka /backend/admin_video.php). The code is executed by visiting /details/index.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
8.8
CVSSv3
CVE-2018-13444
An issue exists in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.
Seacms Seacms 6.61
8.8
CVSSv3
CVE-2018-13445
An issue exists in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add.
Seacms Seacms 6.61
8.1
CVSSv3
CVE-2023-44848
An issue in SeaCMS v.12.8 allows an malicious user to execute arbitrary code via the admin_template.php component.
Seacms Seacms
7.5
CVSSv3
CVE-2018-17365
SeaCMS 6.64 and 7.2 allows remote malicious users to delete arbitrary files via the filedir parameter.
Seacms Seacms 6.64
Seacms Seacms 7.2
7.5
CVSSv3
CVE-2018-16446
An issue exists in SeaCMS up to and including 6.61. adm1n/admin_database.php allows remote malicious users to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
Seamcms Seacms
7.2
CVSSv3
CVE-2023-44847
An issue in SeaCMS v.12.8 allows an malicious user to execute arbitrary code via the admin_ Weixin.php component.
Seacms Seacms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »