CNNVD-202509-3021 Information

CNNVD ID

CNNVD-202509-3021

Related CVE

CVE-2025-10662

• CNNVD Published: 2025-09-18

Description (Chinese)

SeaCMS是海洋CMS（SeaCMS）公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。 SeaCMS 13.3及之前版本存在SQL注入漏洞，该漏洞源于对文件/admin_members.php中参数ID的错误操作，可能导致SQL注入攻击。

Description (English)

SeaCMS is a free, open-source web content management system developed by SeaCMS using PHP. The system is primarily designed to manage video on-demand resources. The SeaCMS 13.3 and previous versions had an SQL injection loophole, which stemmed from an error in the operation of parameter ID in document/admin members.php, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

海洋CMS

Published

2025-09-18

Last Modified

2026-02-24

References

https://github.com/coolcj-stack/seacms-v13.3-sqli/blob/main/README.md https://vuldb.com/?ctiid.324783 https://vuldb.com/?id.324783 https://vuldb.com/?submit.649866