Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seacms seacms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-44171
SeaCMS V12.9 exists to contain an arbitrary file write vulnerability via the component admin_smtp.php.
Seacms Seacms 12.9
9.8
CVSSv3
CVE-2023-44172
SeaCMS V12.9 exists to contain an arbitrary file write vulnerability via the component admin_weixin.php.
Seacms Seacms 12.9
5.4
CVSSv3
CVE-2023-50470
A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Seacms Seacms 12.8
8.8
CVSSv3
CVE-2018-14910
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
8.8
CVSSv3
CVE-2018-13444
An issue exists in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.
Seacms Seacms 6.61
9.8
CVSSv3
CVE-2020-21378
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
Seacms Seacms 10.1
6.1
CVSSv3
CVE-2021-29313
Cross Site Scripting (XSS) vulnerability exists in SeaCMS 12.6 via the (1) v_company and (2) v_tvs parameters in /admin_video.php,
Seacms Seacms 12.6
5.3
CVSSv3
CVE-2018-16821
SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests.
Seacms Seacms 6.64
6.1
CVSSv3
CVE-2018-17062
An issue exists in SeaCMS 6.64. XSS exists in admin_video.php via the action, area, type, yuyan, jqtype, v_isunion, v_recycled, v_ismoney, or v_ispsd parameter.
Seacms Seacms 6.64
6.1
CVSSv3
CVE-2018-17321
An issue exists in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.
Seacms Seacms 6.64
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »