Seacms Security Vulnerabilities and Issues — Seacms CVE List

Lucene search

SeacmsSeacms

4 matches found

CVE•added 2018/07/23 8:29 a.m.•33 views

CVE-2018-14517

SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields.

6.1CVSS6AI score0.0024EPSS

CVE•added 2018/07/08 4:29 p.m.•31 views

CVE-2018-13445

An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add.

8.8CVSS8.6AI score0.00141EPSS

CVE•added 2018/07/20 1:29 a.m.•30 views

CVE-2018-14421

SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v_pic) to /admin/admin_video.php (aka /backend/admin_video.php). The code is executed by visiting /details/index.php. This can also be exploited through CSRF.

8.8CVSS8.8AI score0.00385EPSS

CVE•added 2018/07/08 4:29 p.m.•29 views

CVE-2018-13444

An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.

8.8CVSS8.6AI score0.00141EPSS