Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_no
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_notify.php.
CVE-2025-44073
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
CVE-2025-44072
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
CVE-2025-44074
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database.
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ping.php.
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_smtp.php.
CVE-2024-44921
CRITICAL CVSS 9.8
Find Similar
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limi
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component admin_ip.php.
Page 1+ Next →