CVE-2025-44071

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request...

CVE-2025-44071

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from improper handling of the phomebak.php component and could lead to remo...

CVE-2025-44071

CVE-2025-44071 concerns SeaCMS v13.3 with a remote code execution (RCE) vulnerability in the phomebak.php component. The issue is described as an improper handling/exposure of phomebak.php that allows an attacker to execute arbitrary code via a crafted request. Impact is high (C/H/I/A = 9.8) with...

CVE-2025-44071

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request...

CVE-2024-40522

There is a remote code execution vulnerability in SeaCMS 12.9. The vulnerability is caused by phomebak.php writing some variable names passed in without filtering them before writing them into the php file. An authenticated attacker can exploit this vulnerability to execute arbitrary commands and...

PT-2024-28898 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is caused by the phomebak.php file writing variable names passed in without filtering them before writing them into the php file. This allows an authenticated attacker to execute arbitrary commands a...