CNNVD-202512-3905 Information
CNNVD ID
CNNVD-202512-3905
Related CVE
- CNNVD Published: 2025-12-22
Description (Chinese)
SeaCMS是海洋CMS(SeaCMS)公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。 SeaCMS 13.3及之前版本存在SQL注入漏洞,该漏洞源于文件admin_video.php中未知函数对参数e_id处理不当,可能导致SQL注入。
Description (English)
SeaCMS is a free, open-source web content management system developed by SeaCMS using PHP. The system is primarily designed to manage video on-demand resources. SeaCMS 13.3 and previous versions have a SQL injection loophole, which stems from the inappropriate handling of the unknown function in document admin video.php to the parameter e id, which may lead to SQL injection.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
海洋CMS
Published
2025-12-22
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.337708 https://vuldb.com/?id.337708 https://vuldb.com/?submit.716084 https://note-hxlab.wetolink.com/share/aTI1wPFLm7FG https://access.redhat.com/security/cve/cve-2025-15003
Share on: