Security Advisory

CVE-2025-15002

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-21 23:02:07

Last updated 2026-02-24 06:00:46

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

← Browse all CVEs View on cve.org ↗