CVE-2024-40570
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-06-23
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| seacms | seacms | 12.9 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2024-40570 is an authenticated SQL injection vulnerability in SeaCMS version 12.9. It occurs in the admin_datarelate.php component where user input is directly included in SQL queries without proper sanitization or validation. This allows an authenticated attacker to inject arbitrary SQL code, potentially manipulating the database queries executed by the application. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow an authenticated attacker to access or modify sensitive information within the SeaCMS application without authorization. By injecting SQL commands, the attacker could retrieve confidential data, alter database contents, or disrupt normal application behavior, potentially leading to data breaches or loss of data integrity. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending an authenticated POST request to the vulnerable endpoint `/admin_datarelate.php?action=result` with a SQL injection payload such as `sql=(select 1 from (select(sleep(5)))x)`. If the response is delayed by the sleep time, it indicates the presence of the SQL injection vulnerability. Example command using curl: curl -X POST -d "sql=(select 1 from (select(sleep(5)))x)" -b "cookie=your_auth_cookie" https://your-seacms-site/{random_path}/admin_datarelate.php?action=result [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable `admin_datarelate.php` component to trusted authenticated users only, applying input validation and sanitization to all user-supplied inputs in the affected script, and updating SeaCMS to a version where this vulnerability is patched once available. Additionally, monitor and audit access logs for suspicious activity related to this endpoint. [1, 2]