54 matches found
CVE-2025-15002
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to...
EUVD-2022-46300
Malicious code in bioql PyPI...
EUVD-2023-41044
Malicious code in bioql PyPI...
EUVD-2025-5334
Malicious code in bioql PyPI...
CVE-2025-50592
Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player...
PT-2025-25752 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A SQL Injection issue allows a remote attacker to obtain sensitive information via the "admin datarelate.php" component. Recommendations: For SeaCMS version 12.9, update to a version that fixes this issue, as...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
CVE-2024-29275
SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php...
CVE-2024-31611
SeaCMS 12.9 has a file deletion vulnerability via admintemplate.php...
CVE-2023-46987
SeaCMS v12.9 was discovered to contain a remote code execution RCE vulnerability via the component /augap/adminip.php...
CVE-2022-48093
Seacms v12.7 was discovered to contain a remote code execution RCE vulnerability via the ip parameter at admin ip.php...
CVE-2020-26642
A cross-site scripting XSS vulnerability has been discovered in the login page of SeaCMS version 11 which allows an attacker to inject arbitrary web script or HTML...
CVE-2025-44073
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admincommentnews.php...
PT-2025-19959 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin comment news.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin comment...
CVE-2025-44073
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admincommentnews.php...
CVE-2025-44072
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component adminmanager.php...
CVE-2025-44074
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admintopic.php...
PT-2025-19806 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin topic.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin topic.php component...
CVE-2025-44074
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admintopic.php...
CVE-2025-44071
CVE-2025-44071 concerns SeaCMS v13.3 with a remote code execution (RCE) vulnerability in the phomebak.php component. The issue is described as an improper handling/exposure of phomebak.php that allows an attacker to execute arbitrary code via a crafted request. Impact is high (C/H/I/A = 9.8) with...