20 matches found
CVE-2023-43222
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-50470
Summary of CVE-2023-50470 : Multiple sources document a cross-site scripting (XSS) vulnerability in SeaCMS v12.8 affecting the component described as admin_Video.php or admin_ Video.php, allowing an attacker to inject arbitrary web scripts/HTML via a crafted payload. The issue stems from insuffic...
CVE-2023-50470
A cross-site scripting XSS vulnerability in the component admin Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-44847
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin Weixin.php component...
CVE-2023-43222
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...
Code injection
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...
CVE-2023-43222
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...
CVE-2023-43222
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/adminping.php file...
CVE-2023-43222
CVE-2023-43222 affects SeaCMS v12.8, with an arbitrary code writing vulnerability in the file /jxz7g2/admin_ping.php . The incident is described as arbitrary code execution in SeaCMS 12.8, with a CVSS v3.1 base score of 9.8 (CRITICAL) , attack vector NETWORK, no user interaction, and privileges r...
CVE-2023-43278
A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...
CVE-2023-43278
A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...
CVE-2023-43278
A Cross-Site Request Forgery CSRF in adminmanager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account...
CVE-2022-24235
A Cross-Site Request Forgery CSRF in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors...
Cross site request forgery (csrf)
A Cross-Site Request Forgery CSRF in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors...
Command injection
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands...
CVE-2022-24236
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts...
CVE-2022-24237
CVE-2022-24237 affects Snapt Aria v12.8’s snaptPowered2 component. A command-injection vulnerability allows authenticated attackers to execute arbitrary commands. Documented impact is that this can lead to remote command execution with elevated risk (CVSSv3.1: 8.8, HIGH; network access, low privi...
Snapt Aria安全漏洞
Snapt Aria is an enterprise ADC solution from Snapt USA that provides a load balancer, web gas pedal, web application firewall WAF, global server load balancer GSLB, etc. A security vulnerability exists in Snapt Aria v12.8, which could be exploited by an unauthenticated attacker to send emails fr...