CVE-2024-6416 – A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by …

30 June 2024

Vuln ID: CVE-2024-6416

Published: 2024-06-30 22:15:02.113

Description: A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007.

Base Score: 6.3 – MEDIUM

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Source: NVD.NIST.GOV

Date:

30 June 2024

Categorie(s):

NVD

Tag(s):

NVD

How macOS Sequoia can help you at work16 September 2024
RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data16 September 2024
Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches16 September 2024
Create security observability using generative AI with Security Lake and Amazon Q in QuickSight16 September 2024
Cyberattacks against manufacturing sector increased 105% in H1 of 202416 September 2024