Vulnerabilities > CVE-2024-40518 - Unspecified vulnerability in Seacms 12.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_weixin.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |