CVE-2018-16343: Code Injection
First published: Sun Sep 02 2018(Updated: )
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Seacms Seacms | =6.61 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for SeaCMS 6.61?
The vulnerability ID for SeaCMS 6.61 is CVE-2018-16343.
What is the severity rating of CVE-2018-16343?
CVE-2018-16343 has a severity rating of 7.2 (High).
How can remote attackers exploit CVE-2018-16343?
Remote attackers can exploit CVE-2018-16343 to execute arbitrary code.
What software version is affected by CVE-2018-16343?
SeaCMS 6.61 is affected by CVE-2018-16343.
Is there a fix available for CVE-2018-16343?
There may not be an official fix available for CVE-2018-16343. It is recommended to apply any patches or security updates provided by the vendor.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/seacms
- canonical/seacms seacms
- version/seacms seacms/6.61