CVE-2025-15002

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...

EUVD-2025-5334

Malicious code in bioql PyPI...

EUVD-2022-46300

Malicious code in bioql PyPI...

EUVD-2023-41044

Malicious code in bioql PyPI...

CVE-2025-50592

Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player...

PT-2025-25752 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A SQL Injection issue allows a remote attacker to obtain sensitive information via the "admin datarelate.php" component. Recommendations: For SeaCMS version 12.9, update to a version that fixes this issue, as...

CVE-2024-44921

SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...

CVE-2024-29275

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php...

CVE-2024-31611

SeaCMS 12.9 has a file deletion vulnerability via admintemplate.php...

CVE-2023-46987

SeaCMS v12.9 was discovered to contain a remote code execution RCE vulnerability via the component /augap/adminip.php...

CVE-2022-48093

Seacms v12.7 was discovered to contain a remote code execution RCE vulnerability via the ip parameter at admin ip.php...

CVE-2020-26642

A cross-site scripting XSS vulnerability has been discovered in the login page of SeaCMS version 11 which allows an attacker to inject arbitrary web script or HTML...

CVE-2025-44073

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admincommentnews.php...

CVE-2025-44073

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admincommentnews.php...

PT-2025-19959 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin comment news.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin comment...

CVE-2025-44072

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component adminmanager.php...

CVE-2025-44074

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admintopic.php...

CVE-2025-44074

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admintopic.php...

CVE-2025-44071

SeaCMS v13.3 was discovered to contain a remote code execution RCE vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request...

PT-2025-19805 · Seacms · Seacms

Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin manager.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin manager.php...