CNNVD-202509-4239 Information

CNNVD ID

CNNVD-202509-4239

Related CVE

CVE-2025-11071

• CNNVD Published: 2025-09-27

Description (Chinese)

SeaCMS是海洋CMS（SeaCMS）公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。 SeaCMS 13.3.20250820版本存在SQL注入漏洞，该漏洞源于对文件/admin_cron.php中参数resourcefrom/collectID的错误操作，可能导致SQL注入攻击。

Description (English)

SeaCMS is a free, open-source web content management system developed by SeaCMS using PHP. The system is primarily designed to manage video on-demand resources. The SeaCMS 133.2500820 version contains an injection loophole in SQL, which stems from the erroneous operation of the parameter resourcefrom/collectID in the document/admin cron.php, which could lead to an attack on SQL.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

海洋CMS

Published

2025-09-27

Last Modified

2026-02-24

References

https://github.com/Hebing123/cve/issues/93 https://vuldb.com/?id.326112 https://vuldb.com/?ctiid.326112 https://vuldb.com/?submit.659883 https://access.redhat.com/security/cve/cve-2025-11071