Filtered by vendor Seacms
Subscriptions
Total
107 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50808 | 1 Seacms | 1 Seacms | 2025-03-28 | 8.8 High |
| SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php. | ||||
| CVE-2024-54879 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.1 Critical |
| SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely. | ||||
| CVE-2024-54880 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.1 Critical |
| SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk. | ||||
| CVE-2025-25514 | 1 Seacms | 1 Seacms | 2025-03-28 | 6.5 Medium |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php. | ||||
| CVE-2025-25515 | 1 Seacms | 1 Seacms | 2025-03-28 | 8.8 High |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database. | ||||
| CVE-2025-25516 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php. | ||||
| CVE-2025-25517 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php. | ||||
| CVE-2025-25519 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php. | ||||
| CVE-2025-25520 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php. | ||||
| CVE-2025-25521 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php. | ||||
| CVE-2025-25792 | 1 Seacms | 1 Seacms | 2025-03-28 | 4.4 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php. | ||||
| CVE-2025-25793 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php. | ||||
| CVE-2025-25794 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php. | ||||
| CVE-2025-25796 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_template.php. | ||||
| CVE-2025-25797 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php. | ||||
| CVE-2025-25799 | 1 Seacms | 1 Seacms | 2025-03-28 | 6 Medium |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe.php. | ||||
| CVE-2025-25800 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.3 Medium |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php. | ||||
| CVE-2025-25802 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php. | ||||
| CVE-2025-25813 | 1 Seacms | 1 Seacms | 2025-03-28 | 5.1 Medium |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_files.php. | ||||
| CVE-2024-55461 | 1 Seacms | 1 Seacms | 2025-03-28 | 9.8 Critical |
| SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext(). | ||||