Vulnerabilities > Seacms > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-17 | CVE-2018-19350 | Cross-site Scripting vulnerability in Seacms 6.64 In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element. | 3.5 |
| 2018-09-02 | CVE-2018-16348 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name. | 3.5 |
| 2018-06-14 | CVE-2018-12431 | Cross-site Scripting vulnerability in Seacms 6.61 SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). | 3.5 |