Sql injection

An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admintopicvod.php request...

Server side request forgery (ssrf)

An issue was discovered in SeaCMS 6.61. adm1n/adminreslib.php has SSRF via the url parameter...

CVE-2018-16445

An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admintopicvod.php request...

CVE-2018-16445

An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admintopicvod.php request...

CVE-2018-16445

SeaCMS ≤6.61 is affected by an SQL injection in adm1n/admin_topic_vod.php via the tid parameter. The root cause is an unsafely interpolated tid input leading to query manipulation, enabling unauthorized data access or modification. Affected product/line: SeaCMS (Ocean CMS). The CVSS metrics indic...

SeaCMS Server-Side Request Forgery Vulnerability

SeaCMS Ocean CMS is a professional open source free PHP film and television system. There is a server-side request forgery vulnerability in adm1n/adminreslib.php in 6.61 and earlier versions of SeaCMS, which can be exploited by an attacker through the url parameter to conduct a server-side reques...

CVE-2018-13445

SeaCMS 6.61 is affected by a CSRF vulnerability that allows an attacker to add a user account via adm1n/admin_manager.php?action=add. The root cause is CSRF in the admin interface; impact indicates high severity (NVD CVSS3: 8.8) with network origin, no authentication, and high confidentiality, in...

PHP 5.2.3 - PHP_win32sti Local Buffer Overflow (2)

PHP 5.2.3 - PHPwin32sti Local Buffer Overflow 2 "adm1n" password="netjackal" $SC= "\xEB\x19\x5A\x31\xC0\x50\x88\x42\x52\x52\xBB\x6D\x13\x86". "\x7C\xFF\xD3\xBB\xDA\xCD\x81\x7C\x31\xC0\x50\xFF\xD3\xE8". "\xE2\xFF\xFF\xFF\x63\x6D\x64\x2E\x65\x78\x65\x20\x2F\x63"...