CVE-2024-50808

Summary

SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.

Affected Software

VendorProductVersion RangeStatus
n/an/an/aaffected

Weaknesses

  • n/a

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References