CVE-2025-60449 in SeaCMS
Summary
by MITRE • 10/03/2025
An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the admin_safe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also potentially any file accessible on the server’s root directory.
Analysis
by VulDB Data Team • 10/03/2025
The information disclosure vulnerability in SeaCMS 13.1 is a critical flaw that undermines the integrity of the application's administrative interface. It affects the admin_safe.php component in the /btcoan/ directory and is reachable by authenticated users with administrative privileges. The root cause is inadequate input validation and access control: the component does not properly restrict its file access operations, so a malicious administrator can step outside the normal security boundaries and read sensitive system resources.
Technically, this is a classic path traversal and privilege escalation issue that aligns with the CWE-22 Path Traversal and CWE-798 Use of Hard-coded Credentials patterns. admin_safe.php does not sanitize the user-supplied parameters that control file paths, so an attacker can supply directory traversal sequences and reach files beyond the intended scope. The flaw sits at the application layer and is triggered through HTTP requests to the vulnerable component, which processes the input without enough validation to prevent access to arbitrary files on the server filesystem.
The operational impact goes well beyond simple information disclosure: the attacker obtains the complete application source code together with any sensitive configuration files, database credentials, and other artifacts stored under the server root directory. That material supports further reconnaissance, the discovery of additional vulnerabilities, and potentially privilege escalation to full system compromise. Because every authenticated administrator can trigger the flaw, it is particularly dangerous where administrative accounts may be compromised or where insider threats exist. Disclosed source code also reveals implementation details that help an attacker craft additional attack vectors and bypass other security controls.
Security professionals should apply immediate mitigations to the admin_safe.php component: validate its input and enforce access control so that every file access operation is checked and administrative users cannot reach files outside their designated scope. The vulnerability also underlines the importance of the principle of least privilege and of correct file system permissions. Organizations should audit their SeaCMS installations for similar issues and add network segmentation and monitoring controls that detect unauthorized file access attempts. The case is a reminder that secure coding practices and regular security assessments are needed to find and fix information disclosure flaws before they cascade into wider compromise of the system security posture.
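The scope restriction recommended above, as an added example that is not SeaCMS code and does not reproduce the real admin_safe.php: a PHP helper that confines file reads to one designated directory by resolving the request with realpath() and checking containment. The directory name, the `file` parameter and the commented vulnerable line are assumptions for illustration.

```php
<?php
// Added example (not SeaCMS code): confine downloads to one base directory.
// Returns the resolved absolute path, or null when the request must be denied.
function resolve_within(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;                       // base directory does not exist
    }
    // Reject empty names, embedded NUL bytes and absolute (Unix or Windows) paths.
    if ($requested === ''
        || strpos($requested, "\0") !== false
        || $requested[0] === '/'
        || preg_match('#^[A-Za-z]:[\\\\/]#', $requested)) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; a traversal that escapes
    // the base ends up with a prefix other than $base and is rejected below.
    $full = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($full === false) {
        return null;                       // no such file
    }
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($full !== $base && strncmp($full, $prefix, strlen($prefix)) !== 0) {
        return null;                       // resolved outside the base directory
    }
    return is_file($full) ? $full : null;  // directories are never served
}

// Vulnerable pattern (hypothetical, matching the advisory's description):
// the user-controlled name is concatenated straight into the path.
//   readfile($exportDir . '/' . $_GET['file']);

// Hardened usage: deny and log anything that escapes the designated directory.
$exportDir = __DIR__ . '/exports';         // assumed admin export area
$path = resolve_within($exportDir, (string)($_GET['file'] ?? ''));
if ($path === null) {
    http_response_code(403);
    error_log('admin_safe: rejected file request ' . json_encode($_GET['file'] ?? ''));
    exit;
}
header('Content-Type: application/octet-stream');
readfile($path);
```

Because realpath() follows symlinks, a link inside the export directory that points elsewhere on the server is also rejected, which is the behaviour a defender wants here.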