CVE-2025-4257 | SeaCMS 13.2 /admin_pay.php cstatus cross site scripting (Issue 26)

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in SeaCMS 13.2. This issue affects some unknown processing of the file /admin_pay.php. The manipulation of the argument cstatus leads to cross site scripting.

The identification of this vulnerability is CVE-2025-4257. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4257 | SeaCMS 13.2 /admin_pay.php cstatus cross site scripting (Issue 26)

Post correlati

CVE-2024-10786 | Simple Local Avatars Plugin up to 2.7.11 on WordPress User Cache authorization

CVE-2024-52331 | ECOVACS Robot Lawn Mower/Robot Vacuum Firmware Update code download

CVE-2025-22776 | Jay Carter WP Bulletin Board Plugin up to 1.1.4 on WordPress cross site scripting

CVE-2024-8772 | AXIS OS up to 12.0 VAPIX API managedoverlayimages.cgi improper validation of syntactic correctness of input