SeaCms before v12.6 exists to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
seacms seacms