A vulnerability classified as critical was found in SeaCMS up to 12.9. This vulnerability affects unknown code of the file /js/player/dmplayer/dmku/index.php?ac=edit. The manipulation of the argument cid leads to sql injection.
This vulnerability was named CVE-2024-39027. The attack can be initiated remotely. There is no exploit available.