Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-4403

Malware in sbrugna...

4.8CVSS5.1AI score0.00534EPSS
Exploits1References2
NVD
NVD
added 2018/09/02 6:29 p.m.19 views

CVE-2018-16348

SeaCMS V6.61 has XSS via the adminvideo.php vcontent parameter, related to the site name...

4.8CVSS4.9AI score0.00559EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/09/02 6:0 p.m.17 views

CVE-2018-16348

SeaCMS V6.61 has XSS via the adminvideo.php vcontent parameter, related to the site name...

4.9AI score0.00559EPSS
Exploits1References1
Prion
Prion
added 2018/08/03 7:29 p.m.16 views

Cross site request forgery (csrf)

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

6.8CVSS8.9AI score0.0099EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/08/03 7:29 p.m.27 views

CVE-2018-14910

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

8.8CVSS8.9AI score0.0099EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/08/03 7:0 p.m.20 views

CVE-2018-14910

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

9AI score0.0099EPSS
Exploits1References1
NVD
NVD
added 2018/07/20 1:29 a.m.17 views

CVE-2018-14421

SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address aka vpic to /admin/adminvideo.php aka /backend/adminvideo.php. The code is executed by visiting /details/index.php. This can also be exploited through CSRF...

8.8CVSS8.9AI score0.00889EPSS
Exploits0References1
Prion
Prion
added 2018/07/20 1:29 a.m.15 views

Cross site request forgery (csrf)

SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address aka vpic to /admin/adminvideo.php aka /backend/adminvideo.php. The code is executed by visiting /details/index.php. This can also be exploited through CSRF...

6.8CVSS8.8AI score0.00889EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/07/19 6:0 p.m.20 views

CVE-2018-14421

SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address aka vpic to /admin/adminvideo.php aka /backend/adminvideo.php. The code is executed by visiting /details/index.php. This can also be exploited through CSRF...

8.9AI score0.00889EPSS
Exploits0References1
Prion
Prion
added 2018/06/14 11:29 p.m.17 views

Cross site scripting

SeaCMS V6.61 has XSS via the site name parameter on an adm1n/adminconfig.php page aka a system management page...

3.5CVSS4.8AI score0.00534EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/06/14 11:29 p.m.20 views

CVE-2018-12431

SeaCMS V6.61 has XSS via the site name parameter on an adm1n/adminconfig.php page aka a system management page...

4.8CVSS4.9AI score0.00534EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/06/14 11:0 p.m.18 views

CVE-2018-12431

SeaCMS V6.61 has XSS via the site name parameter on an adm1n/adminconfig.php page aka a system management page...

4.9AI score0.00534EPSS
Exploits1References1
CVE
CVE
added 2018/06/14 11:0 p.m.48 views

CVE-2018-12431

SeaCMS V6.61 is vulnerable to Cross‑Site Scripting via the site name parameter on adm1n/admin_config.php (system management page). The root cause is an XSS flaw in the site name input; impact is user‑visible script injection. The connected records confirm the vulnerability across multiple sources...

4.8CVSS4.9AI score0.00534EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder