Products
SeaCMS
- 13.0
Source
cve@mitre.org
Tags
CVE-2024-42599 details
Published : Aug. 22, 2024, 8:15 p.m.
Last Modified : Aug. 22, 2024, 8:15 p.m.
Last Modified : Aug. 22, 2024, 8:15 p.m.
Description
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://gitee.com/fushuling/cve/blob/master/CVE-2024-42599.md | cve@mitre.org |
https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_files.php%20code%20injection.md | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.