25 matches found
EUVD-2018-6338
Malware in sbrugna...
EUVD-2018-8194
Malware in sbrugna...
EUVD-2018-8843
Malware in sbrugna...
CVE-2021-29313
Cross Site Scripting XSS vulnerability exists in SeaCMS 12.6 via the 1 vcompany and 2 vtvs parameters in /adminvideo.php,...
SeaCMS Cross-Site Scripting Vulnerability (CNVD-2024-06149)
SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS v12.8, which stems from the lack of effective filtering and escaping of user-supplied da...
Cross site scripting
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2021-29313
Cross Site Scripting XSS vulnerability exists in SeaCMS 12.6 via the 1 vcompany and 2 vtvs parameters in /adminvideo.php,...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in SeaCMS 12.6 via the 1 vcompany and 2 vtvs parameters in /adminvideo.php,...
CVE-2021-29313
Cross Site Scripting XSS vulnerability exists in SeaCMS 12.6 via the 1 vcompany and 2 vtvs parameters in /adminvideo.php,...
CVE-2021-29313
CVE-2021-29313 affects SeaCMS 12.6, with a cross-site scripting (XSS) flaw exploitable via the (1) v_company and (2) v_tvs parameters in /admin_video.php. The NVD entry lists CVSS2/3 base scores of 4.3 (MEDIUM) and 6.1 (MEDIUM) respectively, reflecting network attack vector, no authentication, an...
SeaCMS SQL Injection Vulnerability (CNVD-2018-19865)
SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A SQL injection vulnerability exists in the 'order' parameter in SeaCMS version 6.64, which can be exploited by remote attackers to execute SQ...
CVE-2018-16822
SeaCMS 6.64 allows SQL Injection via the upload/admin/adminvideo.php order parameter...
Sql injection
SeaCMS 6.64 allows SQL Injection via the upload/admin/adminvideo.php order parameter...
CVE-2018-16822
SeaCMS 6.64 contains a SQL Injection in the upload/admin/admin_video.php order parameter. The underlying issue is improper handling/validation of the order parameter, enabling remote attackers to craft SQL commands. Severity is high (CVSS v3.0: CRITICAL; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The ...
CVE-2018-16822
SeaCMS 6.64 allows SQL Injection via the upload/admin/adminvideo.php order parameter...
Design/Logic Flaw
An issue was discovered in SeaCMS 6.64. XSS exists in adminvideo.php via the action, area, type, yuyan, jqtype, visunion, vrecycled, vismoney, or vispsd parameter...
CVE-2018-17062
An issue was discovered in SeaCMS 6.64. XSS exists in adminvideo.php via the action, area, type, yuyan, jqtype, visunion, vrecycled, vismoney, or vispsd parameter...
CVE-2018-17062
An issue was discovered in SeaCMS 6.64. XSS exists in adminvideo.php via the action, area, type, yuyan, jqtype, visunion, vrecycled, vismoney, or vispsd parameter...
CVE-2018-17062
SeaCMS 6.64 contains a cross-site scripting (XSS) vulnerability in admin_video.php exploitable via the action, area, type, yuyan, jqtype, v_isunion, v_recycled, v_ismoney, or v_ispsd parameters. The issue is documented across multiple sources (NVD CVE-2018-17062, CNVD-2018-19743, CVELIST, PRION) ...
CVE-2018-17062
An issue was discovered in SeaCMS 6.64. XSS exists in adminvideo.php via the action, area, type, yuyan, jqtype, visunion, vrecycled, vismoney, or vispsd parameter...