58 matches found
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...
EUVD-2023-48530
Malicious code in bioql PyPI...
CVE-2023-43216
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component adminip.php...
CVE-2024-44920
A cross-site scripting XSS vulnerability in the component admincollectnews.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
CVE-2024-44921
SeaCMS v12.9 is affected by a SQL injection vulnerability in the id parameter of the /dmplayer/dmku/index.php?ac=del endpoint. The vulnerability’s CVSS 3.1 base score is 9.8 (CRITICAL) with NETWORK attack vector, no privileges required, and no user interaction. The impact is Confidentiality, Inte...
CVE-2024-44920
A cross-site scripting XSS vulnerability in the component admincollectnews.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
CVE-2024-44920
A cross-site scripting XSS vulnerability in the component admincollectnews.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter...
CVE-2024-44921
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del...
CVE-2024-44918
A cross-site scripting XSS vulnerability in the component admindatarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44918
A cross-site scripting XSS vulnerability in the component admindatarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44918
A cross-site scripting XSS vulnerability in the component admindatarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2024-44918
CVE-2024-44918 is a cross-site scripting vulnerability in SeaCMS v12.9, affecting the component admin_datarelate.php . The issue allows attackers to run arbitrary web scripts or HTML via a crafted payload. The CVSS 3.1 base score is reported as 3.5 (Low) with network attack vector, low complexity...
CVE-2024-44919
A cross-site scripting XSS vulnerability in the component adminads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad description parameter...
CVE-2024-44919
A cross-site scripting XSS vulnerability in the component adminads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad description parameter...
CVE-2024-44919
CVE-2024-44919 affects SeaCMS v12.9, specifically the admin_ads.php component. The documents describe a cross-site scripting (XSS) vulnerability that allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad description parameter. The vulnerability is co...
CVE-2024-44919
A cross-site scripting XSS vulnerability in the component adminads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad description parameter...
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...