Security Advisory
CVE-2025-22974
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component.