Filtered by vendor Seacms
Subscribe
Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-54879 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.1 CRITICAL |
| SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely. | |||||
| CVE-2024-54880 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.1 CRITICAL |
| SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk. | |||||
| CVE-2025-25514 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 6.5 MEDIUM |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php. | |||||
| CVE-2025-25515 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 8.8 HIGH |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database. | |||||
| CVE-2025-25516 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php. | |||||
| CVE-2025-25517 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php. | |||||
| CVE-2025-25519 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php. | |||||
| CVE-2025-25520 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php. | |||||
| CVE-2025-25521 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php. | |||||
| CVE-2025-25792 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 4.4 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php. | |||||
| CVE-2025-25793 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php. | |||||
| CVE-2025-25794 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php. | |||||
| CVE-2025-25796 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_template.php. | |||||
| CVE-2025-25797 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php. | |||||
| CVE-2025-25799 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 6.0 MEDIUM |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe.php. | |||||
| CVE-2025-25800 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.3 MEDIUM |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php. | |||||
| CVE-2025-25802 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php. | |||||
| CVE-2025-25813 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 5.1 MEDIUM |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_files.php. | |||||
| CVE-2024-55461 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 9.8 CRITICAL |
| SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext(). | |||||
| CVE-2024-42598 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | 6.7 MEDIUM |
| SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges. | |||||