16 matches found
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...
Server side request forgery (ssrf)
An issue was discovered in SeaCMS 6.61. adm1n/adminreslib.php has SSRF via the url parameter...
CVE-2018-16444
An issue was discovered in SeaCMS 6.61. adm1n/adminreslib.php has SSRF via the url parameter...
CVE-2018-16343
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf in include/main.class.php does not block use of $GLOBALS...
CVE-2018-16343
SeaCMS 6.61 contains a remote code execution flaw: the parseIf() function in include/main.class.php fails to block use of $GLOBALS, enabling attackers to run arbitrary code. This has been documented across multiple sources (CNVD-2018-19075 and NVD/NVD-derived entries) and is tied to SeaCMS’s PHP ...
CVE-2018-14517
SeaCMS 6.61 has two XSS issues in the adminconfig.php file via certain form fields...
CVE-2018-14517
SeaCMS 6.61 has two XSS issues in the adminconfig.php file via certain form fields...
CVE-2018-13444
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/adminmanager.php?action=save&id=2...
Cross site request forgery (csrf)
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/adminmanager.php?action=add...
CVE-2018-13445
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/adminmanager.php?action=add...
CVE-2018-13444
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/adminmanager.php?action=save&id=2...
CVE-2018-13445
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/adminmanager.php?action=add...
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...
Cross site scripting
SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...
CVE-2018-11583
SeaCMS 6.61 has stored XSS in admincollect.php via the siteurl parameter...