CVE-2025-6864 – SeaCMS Cross-Site Request Forgery Vulnerability

June 29, 2025

CVE ID : CVE-2025-6864

Published : June 29, 2025, 4:15 p.m. | 1 hour, 35 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6865 – DaiCuo Cross-Site Request Forgery (CSRF) Vulnerability

Next Article CVE-2025-6863 – PHPGurukul Local Services Search Engine Management System SQL Injection Vulnerability

Highlights

CVE-2025-29509 – Jan Electron RCE

May 9, 2025

CVE ID : CVE-2025-29509

Published : May 9, 2025, 5:15 p.m. | 2 hours, 23 minutes ago

Description : Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a rendered link in the conversation, due to opening external website in the app and the exposure of electronAPI, with a lack of filtering of URL when calling shell.openExternal().

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-6864 – SeaCMS Cross-Site Request Forgery Vulnerability

Synology ABM Flaw (CVE-2025-4679) Leaks Global Client Secret, Exposing ALL Microsoft 365 Tenants

D-Link DIR-816 Router Alert: 6 Critical Flaws (CVSS 9.8) Allow Remote Code Execution, NO PATCHES

CVE-2025-5826 – Autel MaxiCharger AC Wallbox Commercial BLE Command Injection Vulnerability

JavaScript Crypto Library OpenPGP.js Hit by High-Risk Spoofing Vulnerability

Announcing Google DeepMind

CVE-2025-5852 – Tenda AC6 PPTP Form Set User List Buffer Overflow

CVE-2025-29509 – Jan Electron RCE

What is the difference between CBT and SFT?

Claude Pro’s two new features make this AI subscription even more enticing

Chrome Update Fixes High-Severity Security Flaw (CVE-2025-4096)

CVE-2025-6864 – SeaCMS Cross-Site Request Forgery Vulnerability

Related Posts