18 matches found
EUVD-2024-48130
Malicious code in bioql PyPI...
CVE-2025-50592
Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player...
CVE-2025-50592
CVE-2025-50592 is an XSS vulnerability affecting SeaCMS (“seacms”) prior to version 13.2, exploitable via the vid parameter in Upload/js/player/dmplayer/player. Root cause is cross-site scripting in that input path, with the CVSSv3.1 base score listed as 5.4 (Medium). Affected product: SeaCMS v13...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
PT-2024-31307 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A SQL injection vulnerability was discovered in SeaCMS via the id parameter at the "/dmplayer/dmku/index.php?ac=del" endpoint. This issue allows for potential SQL injection attacks. Recommendations: For SeaCMS...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
SeaCMS 安全漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v12.9, which stems from improper handling of the id parameter in the...
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...
CVE-2024-41444
SeaCMS v12.9 contains a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so. The CVE-2024-41444 entry is rated CRITICAL (CVSS v3.1: 9.8) with network access, low exploit complexity, and no privileges required, affecting confidentiality, integrity, and avai...
CVE-2024-7163
A vulnerability, which was classified as problematic, was found in SeaCMS 12.9. This affects an unknown part of the file /js/player/dmplayer/player/index.php. The manipulation of the argument color/vid/url leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...
SeaCMS 跨站脚本漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS version 12.9, which stems from the manipulation of the parameters color/vid/url in...
PT-2024-38125 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A problematic issue was found in SeaCMS, affecting an unknown part of the file /js/player/dmplayer/player/index.php. The manipulation of the argument color/vid/url leads to cross-site scripting. It is possible...
SeaCMS 跨站脚本漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS version 12.9, which stems from the manipulation of the parameter yzm in the file...
CVE-2024-39027
SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked...
Sql injection
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php...
SeaCMS SQL注入漏洞
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in versions of SeaCMS prior to v12.6, which stems from its /js/player/dmplayer/dmku/index.php component that...