- Description
- SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-94
- Hype score
- Not currently trending
CVE-2024-50808 Code Injection Vulnerability in SeaCms 13.1 Notification Module SeaCms 13.1 has a code injection issue in the member message notification part of the backend user module. This happens because the "... https://t.co/k0GsRCXpYc
@VulmonFeeds
9 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-50808 SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of… https://t.co/Aeh7uHcrRT
@CVEnew
8 Nov 2024
350 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:seacms:seacms:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FD99F78-3066-4826-96DA-6F8466EDB1B7"
}
],
"operator": "OR"
}
]
}
]