Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
CVE-2024-54880
CRITICAL CVSS 9.1
Find Similar
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to register accounts in bulk.
CVE-2024-54879
CRITICAL CVSS 9.1
Find Similar
SeaCMS V13.1 is vulnerable to Incorrect Access Control. A logic flaw can be exploited by an attacker to allow any user to recharge members indefinitely.
Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that allows an authenticated attacker to exploit the database.
A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to c
A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this vulnerability is an unknown functionality of the file /member.php?action=chgpwdsubmit of the component Password Cha
CVE-2025-44074
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
CVE-2025-44073
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
CVE-2025-44072
CRITICAL CVSS 9.8
Find Similar
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admin_topic.php?action=delall. The manipulation of the argument e_id leads t
SeaCMS 11.1 contains a stored cross-site scripting vulnerability in the checkuser parameter of the admin settings page. Attackers can inject malicious JavaScript payloads that will execute in users' b
A vulnerability, which was classified as critical, has been found in SeaCMS up to 13.3. This issue affects some unknown processing of the file /admin_link.php?action=delall. The manipulation of the ar
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limi
CVE-2024-44921
CRITICAL CVSS 9.8
Find Similar
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.
Page 1+ Next →