SeaCMS 7.2 member.php Request credentials management

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in SeaCMS 7.2. This affects an unknown code of the file member.php?mod=repsw4. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field02/18/2019 09:37 AM05/11/2020 06:56 AM
nameSeaCMSSeaCMS
version7.27.2
filemember.php?mod=repsw4member.php?mod=repsw4
input_typeRequestRequest
cwe255 (privilege escalation)255 (privilege escalation)
cvss2_vuldb_basescore4.04.0
cvss2_vuldb_tempscore4.04.0
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auSS
cvss2_vuldb_ciPP
cvss2_vuldb_iiNN
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acLL
cvss2_nvd_auSS
cvss2_nvd_ciPP
cvss2_nvd_iiNN
cvss2_nvd_aiNN
cvss3_meta_basescore8.88.8
cvss3_meta_tempscore8.88.8
cvss3_vuldb_basescore8.88.8
cvss3_vuldb_tempscore8.88.8
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cHH
cvss3_nvd_iHH
cvss3_nvd_aHH
date1550361600 (02/17/2019)1550361600 (02/17/2019)
price_0day$0-$5k$0-$5k
cveCVE-2019-8418CVE-2019-8418
cve_assigned15503616001550361600
cve_nvd_summarySeaCMS 7.2 mishandles member.php?mod=repsw4 requests.SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.
risk22
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days4242
cvss3_nvd_basescore8.88.8
discoverydate1546732800

Interested in the pricing of exploits?

See the underground prices here!