Remote Code Execution Vulnerability in SeaCMS by SeaCMS
CVE-2025-25794

5.1MEDIUM

Key Information:

Vendor
SeaCMS
Status
SeaCMS
Vendor
CVE Published:
26 February 2025

Summary

A remote code execution (RCE) vulnerability has been identified in SeaCMS v13.3, allowing attackers to execute arbitrary code via the vulnerable 'admin_ping.php' component. This flaw could potentially lead to unauthorized access and system compromise, making it vital for users to apply security measures to mitigate risks associated with this vulnerability.

References

http://seacms.com
https://www.seacms.com/
https://github.com/Ka7arotto/Seacms/blob/main/Seacms13.3-...

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-25794 : Remote Code Execution Vulnerability in SeaCMS by SeaCMS | SecurityVulnerability.io