CNNVD-202510-470 Information

CNNVD ID

CNNVD-202510-470

Related CVE

CVE-2025-60449

• CNNVD Published: 2025-10-03

Description (Chinese)

SeaCMS是海洋CMS（SeaCMS）公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。 SeaCMS 13.1版本存在安全漏洞，该漏洞源于admin_safe.php组件存在信息泄露，可能导致服务器根目录文件被扫描和下载。

Description (English)

SeaCMS is a free, open-source web content management system developed by SeaCMS using PHP. The system is primarily designed to manage video on-demand resources. The SeaCMS version 13.1 has a security loophole, which stems from the leaking of the admin safe.php component, which could lead to the scanning and downloading of the server root directory files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

海洋CMS

Published

2025-10-03

Last Modified

2026-02-24

References

https://snowhy77.github.io/2025/08/21/Information-Disclosure-Vulnerability-in-SeaCMS/