Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seacms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-19350
In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element.
Seacms Seacms 6.64
6.1
CVSSv3
CVE-2021-29313
Cross Site Scripting (XSS) vulnerability exists in SeaCMS 12.6 via the (1) v_company and (2) v_tvs parameters in /admin_video.php,
Seacms Seacms 12.6
9.8
CVSSv3
CVE-2023-0960
A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The e...
Seacms Seacms 11.6
6.1
CVSSv3
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter.
Seacms Seacms 6.61
8.8
CVSSv3
CVE-2018-14421
SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v_pic) to /admin/admin_video.php (aka /backend/admin_video.php). The code is executed by visiting /details/index.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
7.2
CVSSv3
CVE-2018-19349
In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.
Seacms Seacms 6.64
8.8
CVSSv3
CVE-2023-46987
SeaCMS v12.9 exists to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php.
Seacms Seacms 12.9
4.8
CVSSv3
CVE-2018-16348
SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name.
Seacms Seacms 6.61
9.1
CVSSv3
CVE-2018-16444
An issue exists in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
Seacms Seacms 6.61
5.3
CVSSv3
CVE-2018-16821
SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests.
Seacms Seacms 6.64
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »