Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SeacmsSeacms

5 matches found

CVE
CVEadded 2024/09/09 4:15 p.m.43 views

CVE-2024-44720

SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php.

7.5CVSS7.3AI score0.00293EPSS
CVE
CVEadded 2024/09/09 4:15 p.m.40 views

CVE-2024-44721

SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at /admin_reslib.php.

9.8CVSS7.3AI score0.00263EPSS
CVE
CVEadded 2024/09/03 12:15 p.m.37 views

CVE-2024-44921

SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.

9.8CVSS7.8AI score0.00103EPSS
CVE
CVEadded 2024/09/20 9:15 p.m.37 views

CVE-2024-46640

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method.

9.8CVSS7.8AI score0.02212EPSS
CVE
CVEadded 2024/09/03 12:15 p.m.32 views

CVE-2024-44920

A cross-site scripting (XSS) vulnerability in the component admin_collect_news.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the siteurl parameter.

6.1CVSS5.6AI score0.00029EPSS