Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1143 matches found

RedhatCVE
RedhatCVEadded 2026/01/26 3:9 p.m.4 views

CVE-2020-36932

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.1CVSS5.8AI score0.00013EPSS
Exploits1References1
OSV
OSVadded 2026/01/25 1:15 p.m.3 views

CVE-2020-36932

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.1CVSS5.8AI score
Exploits0References3
NVD
NVDadded 2026/01/25 1:15 p.m.3 views

CVE-2020-36932

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.1CVSS0.00013EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/01/25 1:4 p.m.25 views

CVE-2020-36932 Seacms 11.1 - 'checkuser' Stored XSS

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.1CVSS0.00013EPSS
Exploits1References3
EUVD
EUVDadded 2026/01/25 1:4 p.m.3 views

EUVD-2026-4635

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.4CVSS5.1AI score0.00013EPSS
Exploits1References5
CVE
CVEadded 2026/01/25 1:4 p.m.5 views

CVE-2020-36932

CVE-2020-36932 affects SeaCMS 11.1. The vulnerability is a stored cross-site scripting (XSS) in the checkuser parameter of the admin settings page. The underlying issue allows an attacker to inject JavaScript payloads that execute in users’ browsers when the page loads. Affected component: admin ...

6.1CVSS5.1AI score0.00013EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/25 1:4 p.m.3 views

CVE-2020-36932 Seacms 11.1 - 'checkuser' Stored XSS

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.1CVSS5.8AI score0.00013EPSS
Exploits1References3
CNNVD
CNNVDadded 2026/01/25 12:0 a.m.1 views

SeaCMS cross-site scripting vulnerabilities

SeaCMS is a free, open-source website content management system developed using PHP by the company Ocean CMS. This system is primarily designed for managing video on-demand resources. Version 11.1 of SeaCMS contains a cross-site scripting vulnerability, which stems from improper cleaning of the...

6.1CVSS5.6AI score0.00013EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/01/25 12:0 a.m.3 views

PT-2026-4650

SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' browsers when the page is loaded...

6.4CVSS5.1AI score0.00013EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/01/09 10:54 a.m.6 views

CVE-2022-23878

seacms V11.5 is affected by an arbitrary code execution vulnerability in adminconfig.php...

9.8CVSS7.7AI score0.00428EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:34 a.m.5 views

CVE-2024-41444

SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...

9.8CVSS9.8AI score0.00125EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:33 a.m.5 views

CVE-2024-39036

SeaCMS v12.9 is vulnerable to Arbitrary File Read via adminsafe.php...

6.5CVSS6.9AI score0.00353EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:33 a.m.6 views

CVE-2024-39027

SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked...

7.5CVSS7.5AI score0.00107EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:33 a.m.5 views

CVE-2024-39028

An issue was discovered in SeaCMS =12.9 which allows remote attackers to execute arbitrary code via adminping.php...

9.8CVSS8.1AI score0.02656EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/23 12:25 a.m.6 views

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

7.2CVSS5AI score0.00028EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/12/22 11:29 p.m.4 views

CVE-2025-15002

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...

9.8CVSS7AI score0.00028EPSS
Exploits1References1
NVD
NVDadded 2025/12/22 12:15 a.m.3 views

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

7.2CVSS0.00028EPSS
Exploits1References4
OSV
OSVadded 2025/12/22 12:15 a.m.2 views

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

7.2CVSS5.7AI score
Exploits0References4
CNNVD
CNNVDadded 2025/12/22 12:0 a.m.1 views

SeaCMS SQL注入漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A SQL injection vulnerability exists in SeaCMS 13.3 and earlier versions, which stems from the mishandling of the parameter eid by an...

7.2CVSS5.8AI score0.00028EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2025/12/21 11:32 p.m.2 views

CVE-2025-15003

A vulnerability was found in SeaCMS up to 13.3. The impacted element is an unknown function of the file adminvideo.php. Performing a manipulation of the argument eid results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public and could be used...

7.2CVSS5.4AI score0.00028EPSS
Exploits1References4
Rows per page
Query Builder