SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated malicious users to execute arbitrary code and obtain sensitive information via the id parameter in class.php.