Vulnerabilities > Seacms > Seacms > 6.69

DATE CVE VULNERABILITY TITLE RISK
2025-02-24 CVE-2025-25513 SQL Injection vulnerability in Seacms
Seacms <=13.3 is vulnerable to SQL Injection in admin_members.php.
network
low complexity
seacms CWE-89
critical
9.8
2024-07-05 CVE-2024-39028 Unspecified vulnerability in Seacms
An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php.
network
low complexity
seacms
critical
9.8
2023-10-25 CVE-2023-46010 Unspecified vulnerability in Seacms
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
network
low complexity
seacms
critical
9.8
2023-10-10 CVE-2023-44846 Unspecified vulnerability in Seacms
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component.
network
low complexity
seacms
8.8
2023-10-10 CVE-2023-44847 Unspecified vulnerability in Seacms
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.
network
low complexity
seacms
7.2
2023-10-10 CVE-2023-44848 Unspecified vulnerability in Seacms
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php component.
network
low complexity
seacms
8.1
2023-09-27 CVE-2023-43222 Unspecified vulnerability in Seacms
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
network
low complexity
seacms
critical
9.8
2023-09-25 CVE-2023-43278 Cross-Site Request Forgery (CSRF) vulnerability in Seacms
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
network
low complexity
seacms CWE-352
8.8
2022-11-16 CVE-2022-43256 SQL Injection vulnerability in Seacms
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
network
low complexity
seacms CWE-89
critical
9.8