Total
106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50808 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php. | |||||
| CVE-2024-44916 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution. | |||||
| CVE-2024-54879 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely. | |||||
| CVE-2025-25517 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php. | |||||
| CVE-2025-25516 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php. | |||||
| CVE-2025-25519 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php. | |||||
| CVE-2025-25515 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database. | |||||
| CVE-2025-25514 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php. | |||||
| CVE-2025-25521 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php. | |||||
| CVE-2025-25520 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php. | |||||
| CVE-2025-25796 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_template.php. | |||||
| CVE-2025-25792 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php. | |||||
| CVE-2025-25793 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php. | |||||
| CVE-2025-25794 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php. | |||||
| CVE-2025-25797 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php. | |||||
| CVE-2025-25802 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php. | |||||
| CVE-2025-25813 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_files.php. | |||||
| CVE-2025-25799 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe.php. | |||||
| CVE-2025-25800 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php. | |||||
| CVE-2024-55461 | 1 Seacms | 1 Seacms | 2025-03-28 | N/A | N/A |
| SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext(). | |||||