CVE-2025-25513

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 24, 2025

Updated: Feb 28, 2025

CWE ID 89

Summary

CVE-2025-25513 is a newly disclosed vulnerability affecting Seacms versions up to 13.3. Hackers can exploit this SQL Injection flaw in the admin_members.php file to gain unauthorized access to sensitive data or even take control of the affected system. An attacker could inject malicious SQL queries to manipulate or extract information from the database, posing a significant threat to data confidentiality and integrity. System administrators are urged to apply the latest patches or upgrades to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SeaCMS

Affected Vendors

Seacms

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3IDxur
https://www.cve.org/CVERecord?id=CVE-2025-25513
https://nvd.nist.gov/vuln/detail/CVE-2025-25513

Back to Vulnerability Database