CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

SeaCMS SQL注入漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in SeaCMS 13.3 and earlier versions, which stems from the mishandling of the parameter eid by an...

CVE-2025-15003 SeaCMS admin_video.php sql injection

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

EUVD-2025-204677

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2025-15003

CVE-2025-15003 affects SeaCMS up to version 13.3; vulnerability stems from an SQL injection in an unknown function handling the e_id parameter within admin_video.php, exploitable remotely. Multiple connected sources confirm remote exploitation and public exploits; Red Hat/RedHat-verified advisori...

CVE-2025-15003 SeaCMS admin_video.php sql injection

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

CVE-2024-44683

Seacms v13 is vulnerable to Cross Site Scripting XSS via admin-video.php...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS version v13, which originates from a cross-site scripting vulnerability contained...

PT-2024-28451 · Skilltree · Skilltree

Name of the Vulnerable Software and Affected Versions: SkillTree versions prior to 2.12.6 Description: The issue concerns a cross-site request forgery CSRF vulnerability in the /admin/projects/projectname/skills/skillname/video endpoint, which is open to exploitation due to the lack of CSRF...

CVE-2023-50470

A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-50470

A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

SeaCMS 安全漏洞

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS v12.8, which stems from the lack of effective filtering and escaping of user-supplied da...

PT-2023-31572 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.8 Description: A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For SeaCMS version 12.8,...

CVE-2023-50470

A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2022-38283

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list...

CVE-2022-38283

JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/video/list...

CVE-2022-38283

CVE-2022-38283 affects JFinal CMS 5.1.0, where the /admin/video/list endpoint is vulnerable to SQL injection due to improper input handling. The vulnerability is documented with a CVSS v3.1 base score of 7.2 (HIGH), impacting confidentiality, integrity, and availability. Remediation guidance avai...