Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seacms vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-16445
An issue exists in SeaCMS up to and including 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request.
Seacms Seacms
578
VMScore
CVE-2018-16343
SeaCMS 6.61 allows remote malicious users to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
Seacms Seacms 6.61
312
VMScore
CVE-2018-16348
SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name.
Seacms Seacms 6.61
605
VMScore
CVE-2018-14910
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip) to /admin/admin_ip.php (aka /adm1n/admin_ip.php). The code is executed by visiting adm1n/admin_ip.php or data/admin/ip.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
383
VMScore
CVE-2018-14517
SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields.
Seacms Seacms 6.61
605
VMScore
CVE-2018-14421
SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v_pic) to /admin/admin_video.php (aka /backend/admin_video.php). The code is executed by visiting /details/index.php. This can also be exploited through CSRF.
Seacms Seacms 6.61
605
VMScore
CVE-2018-13444
An issue exists in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.
Seacms Seacms 6.61
605
VMScore
CVE-2018-13445
An issue exists in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add.
Seacms Seacms 6.61
312
VMScore
CVE-2018-12431
SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page).
Seacms Seacms 6.61
383
VMScore
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter.
Seacms Seacms 6.61
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »