VYPR
Unrated severityNVD Advisory· Published Jul 5, 2024· Updated Mar 3, 2026

CVE-2024-39027

CVE-2024-39027

Description

SeaCMS v12.9 has an unauthorized SQL injection vulnerability. The vulnerability is caused by the SQL injection through the cid parameter at /js/player/dmplayer/dmku/index.php?ac=edit, which can cause sensitive database information to be leaked.

Affected products

2
  • Seacms/Seacmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =12.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.