SeaCMS 12.9 has a remote code execution vulnerability. The vulnerability is caused by admin_smtp.php directly splicing and writing the user input data into weixin.php without processing it, which allows authenticated attackers to exploit the vulnerability to execute arbitrary commands and obtain system permissions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-07-12T00:00:00

Updated: 2024-08-02T04:33:11.644Z

Reserved: 2024-07-05T00:00:00

Link: CVE-2024-40519

cve-icon Vulnrichment

Updated: 2024-07-24T14:09:07.814Z

cve-icon NVD

Status : Analyzed

Published: 2024-07-12T16:15:04.903

Modified: 2024-07-12T18:44:58.780

Link: CVE-2024-40519

cve-icon Redhat

No data.