CVE-2024-29275

CRITICAL

CVSS v3

9.8

CRITICAL

EPSS Score

61.8%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.

Technical Details

Published
3/22/2024

Frequently Asked Questions

What is CVE-2024-29275?

SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.

Is CVE-2024-29275 actively exploited?

Active exploitation of CVE-2024-29275 has not been confirmed. The EPSS score is 61.8%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-29275?

CVE-2024-29275 has a CVSS v3 base score of 9.8 (CRITICAL severity).

Is CVE-2024-29275 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.