CVE-2025-4256 | SeaCMS 13.2 /admin_paylog.php cstatus cross site scripting (Issue 25)

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability classified as problematic was found in SeaCMS 13.2. This vulnerability affects unknown code of the file /admin_paylog.php. The manipulation of the argument cstatus leads to cross site scripting.

This vulnerability was named CVE-2025-4256. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4256 | SeaCMS 13.2 /admin_paylog.php cstatus cross site scripting (Issue 25)

Post correlati

CVE-2024-21869 | Rapid SCADA up to 5.8.4 credentials storage (icsa-24-011-03)

CVE-2024-11782 | WP Mailster Plugin up to 1.8.17.0 on WordPress cross site scripting

CVE-2024-8054 | MM-Breaking News Plugin up to 0.7.9 on WordPress cross-site request forgery

CVE-2024-10506 | code-projects Blood Bank System 1.0 B-.php Bloodname sql injection