CVE-2025-4257 | SeaCMS 13.2 /admin_pay.php cstatus cross site scripting (Issue 26)

Inserito da Angelo Barbosa | Mag 4, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in SeaCMS 13.2. This issue affects some unknown processing of the file /admin_pay.php. The manipulation of the argument cstatus leads to cross site scripting.

The identification of this vulnerability is CVE-2025-4257. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-4257 | SeaCMS 13.2 /admin_pay.php cstatus cross site scripting (Issue 26)

Post correlati

CVE-2023-4674 | Yaztek E-Commerce Software up to 20231229 sql injection

CVE-2024-21494 | greenpau caddy-security Header X-Forwarded-For authentication spoofing (Issue 266)

CVE-2024-38796 | TianoCore EDK2 up to edk2-stable202405 PeCoffLoaderRelocateImage heap-based overflow (GHSA-xpcr-7hjq-m6qm)

CVE-2023-43994 | makotoya mini-app on Line 13.6.1 Channel Access Token information disclosure