CVE-2024-46640 Information

Description

SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function the check function is not executed during execution allowing remote code execution by writing to the file through the MySQL slow query method.

Reference

https://gitee.com/zheng_botong/CVE-2024-46640