CVE-2025-25521

Summary

CVE-2025-25521 is a recently disclosed vulnerability affecting Seacms versions up to 13.3. This issue permits SQL injection attacks against the admin_type_news.php file. An attacker can exploit this vulnerability by inserting malicious SQL statements into specially crafted input fields, potentially gaining unauthorized access to sensitive data or even taking control of the affected system. Successful exploitation could lead to serious consequences, including data theft, system compromise, and unintended functionality changes. It is crucial for Seacms users to apply the available patch or upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.