CVE-2025-4257 – SeaCMS Cross Site Scripting Vulnerability

May 4, 2025

CVE ID : CVE-2025-4257

Published : May 5, 2025, 1:15 a.m. | 2 hours, 17 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in SeaCMS 13.2. This issue affects some unknown processing of the file /admin_pay.php. The manipulation of the argument cstatus leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4258 – Zhangyanbo2007 Youkefu Unrestricted File Upload Vulnerability

Next Article CVE-2025-4256 – SeaCMS Cross-Site Scripting (XSS)

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-4257 – SeaCMS Cross Site Scripting Vulnerability

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Bouncer chooses the correct firewall zone for wireless connections

Microsoft’s Surface Pro 12-inch is a massive upgrade over the Surface Go 4 — Here’s how this performance leap breaks down

The Best Node.js Observability Tools in 2025: N|Solid vs New Relic, Datadog, and More

The second annual Triple-I Initiative Showcase featured more than 40 indie games — Here’s every title showcased for Xbox and PC

JavaScript Weekly: Top Picks for June 6, 2025

FunSearch: Making new discoveries in mathematical sciences using Large Language Models

Nvidia driver 572.83 is causing a black screen on Windows 11, Windows 10

Lilium’s financial collapse triggers CustomCells insolvency at core German sites

CVE-2025-4257 – SeaCMS Cross Site Scripting Vulnerability

Related Posts