Security Advisory

CVE-2025-22974

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-24 00:00:00
Last updated 2025-02-25 14:34:14
Assigner mitre
State PUBLISHED

Description

SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component.