CVE-2025-6864
BaseFortify

Publication date: 2025-06-29

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Meta Information
Published: 2025-06-29
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-06-29
EPSS Evaluated: 2026-05-05
Cross-references: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor    Product    Version / Range
seacms    seacms     up to and including 13.2
CWE
CWE-352: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-6864 is a cross-site request forgery (CSRF) vulnerability in SeaCMS versions up to and including 13.2, in the /admin_type.php script. The script performs a state-changing action without verifying that the request was deliberately submitted by the user whose session it runs under (CWE-352). An attacker who lures a logged-in SeaCMS administrator to a page they control can have that page's browser issue a request to /admin_type.php; the browser attaches the victim's session cookie, so the action is carried out with the victim's privileges. The attacker needs no credentials of their own, only the victim's interaction, which is why the advisory describes the attack as remote. [1, 2]


How can this vulnerability impact me? :

The impact is to integrity: an attacker can cause the action behind /admin_type.php to be performed on behalf of a logged-in administrator, producing unauthorized changes within the application. It does not affect confidentiality or availability. The attack is not silent on the victim's side, since it requires a logged-in user to open an attacker-controlled page or link, but a proof-of-concept has been disclosed publicly, so the remaining barrier is social engineering rather than exploit development. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This is a flaw in the application code, so detection means confirming the version and exposure of your installation rather than looking for a signature on the wire:
1) Check the installed SeaCMS version. The admin panel shows it; on disk, search the install tree for the version string (the exact file is not documented here), for example `grep -ri 'version' /path/to/seacms --include='*.php' | head`. Anything up to and including 13.2 is affected.
2) Locate the script: `find /var/www/html -name admin_type.php`. The admin directory name varies between installs (the source for this entry also lists /qzm01p/admin_type.php), so search by file name rather than by path.
3) Confirm the absence of CSRF protection: load the page with the browser's developer tools open and inspect the forms and requests to /admin_type.php for a hidden anti-CSRF token field; then replay a state-changing request with the token removed or altered (curl with your own session cookie). If the server still applies the change, the endpoint is vulnerable.
4) Check whether the admin area is reachable from the internet, for example with `site:yourdomain.com inurl:admin_type.php` in a search engine, or by requesting the path from outside your network.
Network-side detection is limited because a forged request is indistinguishable from a genuine one apart from its context; the most useful signal in web server logs is a request to admin_type.php whose Referer or Origin header names a third-party site, or which is missing entirely on a POST. [1]
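The two checks above that can be done offline, as an added example (not code from this page or from SeaCMS): one scans a saved admin page for forms that post to admin_type.php without a token-like hidden field, the other flags access-log hits on admin_type.php whose Referer is missing or names another host. The HTML and log lines are constructed samples, the /qzm01p/ directory is the alternative path mentioned in the text, cms.example is an assumed site host, and the token field names it looks for are an assumption since SeaCMS's own are not documented here.

```python
"""Offline CSRF-exposure checks for a SeaCMS admin_type.php deployment.

Added example; not code from the BaseFortify page or from SeaCMS. Two checks:
  1. forms_without_token(): does the admin page's HTML carry a token-like
     hidden field in forms that post to admin_type.php?
  2. cross_origin_admin_requests(): which access-log hits on admin_type.php
     came with a missing or third-party Referer?
The HTML and log lines below are constructed samples; the /qzm01p/ directory
name is the alternative path the page itself mentions."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

ADMIN_SCRIPT = "admin_type.php"
# Names commonly given to anti-CSRF fields. SeaCMS's own field name, if it
# has one, is not documented on the page, so this list is an assumption.
TOKEN_FIELD_RE = re.compile(r"csrf|xsrf|_token|nonce", re.I)


class FormScanner(HTMLParser):
    """Collect each <form> with its action, method and hidden input names."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._cur = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._cur = {"action": a.get("action", ""),
                         "method": a.get("method", "get").upper(),
                         "hidden": []}
            self.forms.append(self._cur)
        elif tag == "input" and self._cur is not None and a.get("type", "").lower() == "hidden":
            self._cur["hidden"].append(a.get("name", ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._cur = None


def forms_without_token(html):
    """Actions of forms targeting admin_type.php that carry no token-like hidden field."""
    scanner = FormScanner()
    scanner.feed(html)
    return [f["action"] for f in scanner.forms
            if ADMIN_SCRIPT in f["action"]
            and not any(TOKEN_FIELD_RE.search(name) for name in f["hidden"])]


# Apache/nginx "combined" format: the Referer is the first quoted field after the size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')


def cross_origin_admin_requests(log_lines, site_host):
    """Hits on admin_type.php whose Referer is absent or names another host.

    An absent Referer is a weaker signal than a foreign one (privacy settings
    strip it), so both are returned and the caller decides how to weight them."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or ADMIN_SCRIPT not in m["path"]:
            continue
        referer = m["referer"]
        ref_host = urlsplit(referer).hostname if referer not in ("", "-") else None
        if ref_host != site_host:
            hits.append((m["ip"], m["method"], m["path"], referer))
    return hits


# Constructed sample: one form without a token, one with (not real SeaCMS markup).
SAMPLE_ADMIN_PAGE = """
<form action="admin_type.php" method="post">
  <input type="hidden" name="action" value="add">
  <input type="text" name="tname">
</form>
<form action="admin_type.php" method="post">
  <input type="hidden" name="action" value="del">
  <input type="hidden" name="csrf_token" value="0123abcd">
</form>
"""

# Constructed sample log lines; cms.example is the assumed site host.
SAMPLE_LOG = [
    '203.0.113.5 - - [29/Jun/2025:10:00:01 +0000] "POST /qzm01p/admin_type.php HTTP/1.1" 302 0 '
    '"https://evil.example/lure.html" "Mozilla/5.0"',
    '203.0.113.5 - - [29/Jun/2025:10:00:02 +0000] "GET /qzm01p/admin_type.php?action=del&id=7 HTTP/1.1" 200 512 '
    '"-" "Mozilla/5.0"',
    '203.0.113.5 - - [29/Jun/2025:10:00:03 +0000] "POST /qzm01p/admin_type.php HTTP/1.1" 302 0 '
    '"https://cms.example/qzm01p/admin_type.php" "Mozilla/5.0"',
    '198.51.100.9 - - [29/Jun/2025:10:00:04 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print("forms without token:", forms_without_token(SAMPLE_ADMIN_PAGE))
    for hit in cross_origin_admin_requests(SAMPLE_LOG, "cms.example"):
        print("suspicious:", hit)
```

Run it against a page saved from your own admin panel and your real access log; a form flagged by the first check is only a lead, since a token could be added by JavaScript or carried in a header, so confirm with the replay test in step 3 before treating the endpoint as vulnerable.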


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps:
1) Restrict who can reach the admin area at all, for example with IP allowlisting or an extra authentication layer (HTTP basic auth or a VPN) in front of the admin directory. Note that this reduces exposure but does not by itself defeat CSRF: the forged request is issued by the administrator's own browser, from an allowed address.
2) Add CSRF protection to /admin_type.php: a per-session token embedded as a hidden field in every state-changing form and verified server-side with a constant-time comparison, plus rejection of state-changing requests whose Origin or Referer is not your own host. Make state changes happen only on POST, since a GET can be triggered by a plain <img> tag. Setting SameSite=Lax (or Strict) on the admin session cookie blocks cross-site POST submissions in modern browsers and is a cheap interim measure.
3) Tell administrators not to browse other sites while logged into the SeaCMS admin panel and to treat unsolicited links with suspicion.
4) Apply a vendor update as soon as one is available; the advisory does not name a fixed version, so verify any fix yourself with the checks in the previous answer. If no fix is forthcoming, consider replacing SeaCMS.
5) Monitor web server logs for requests to admin_type.php with a third-party or missing Referer/Origin, and consider disabling or restricting the script until a fix is applied. [1]
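The server-side checks from step 2, as an added example that is not SeaCMS code (SeaCMS is PHP) and not from this page; the logic is language-neutral and translates directly. It combines a per-session synchronizer token, a constant-time token comparison, an Origin/Referer check against the site's own host, and a POST-only rule, then shows a legitimate submission being accepted while three forged variants are refused. SITE_HOST and TOKEN_FIELD are assumed names, and the session, form and header dicts are constructed for the demonstration.

```python
"""Server-side CSRF defence for a state-changing admin endpoint.

Added example; not SeaCMS code (SeaCMS is PHP) and not the page's own. It
shows the checks the mitigation calls for, which translate directly:
a per-session synchronizer token carried in a hidden form field, and an
Origin/Referer check against the site's own host. State changes are only
accepted on POST. Sessions, forms and headers are plain dicts, constructed
for the demonstration; SITE_HOST and TOKEN_FIELD are assumed names."""
import hmac
import secrets
from urllib.parse import urlsplit

SITE_HOST = "cms.example"     # assumed hostname of the SeaCMS install
TOKEN_FIELD = "csrf_token"    # assumed name of the hidden form field


def issue_token(session):
    """Create the session-bound token on first use; embed it as a hidden field in every admin form."""
    if TOKEN_FIELD not in session:
        session[TOKEN_FIELD] = secrets.token_urlsafe(32)
    return session[TOKEN_FIELD]


def origin_allowed(headers):
    """True only if Origin (or, failing that, Referer) names our own host.

    Browsers attach Origin to cross-site POSTs, so a POST with neither header is
    rejected rather than waved through; "Origin: null" has no hostname and fails too."""
    src = headers.get("Origin") or headers.get("Referer")
    if not src:
        return False
    return urlsplit(src).hostname == SITE_HOST


def verify_request(method, session, form, headers):
    """All three gates must pass: POST only, matching token, same origin."""
    if method != "POST":
        return False            # a GET can be fired by a plain <img src=...> with no Origin header
    expected = session.get(TOKEN_FIELD)
    supplied = form.get(TOKEN_FIELD, "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False            # constant-time compare: no timing leak on a partial match
    return origin_allowed(headers)


def handle_admin_type(method, session, form, headers):
    """Stand-in for the state-changing branch of admin_type.php; returns the outcome."""
    if not verify_request(method, session, form, headers):
        return "rejected"
    return "applied:" + form.get("action", "")


def demo():
    """Legitimate submission versus three forged ones; returns the outcomes for inspection."""
    session = {"admin_logged_in": True}
    token = issue_token(session)
    legit = handle_admin_type("POST", session, {"action": "add", TOKEN_FIELD: token},
                              {"Origin": "https://cms.example"})
    # A lure page cannot read the token out of the admin's session, so it submits without one.
    forged = handle_admin_type("POST", session, {"action": "del"},
                               {"Origin": "https://evil.example"})
    # Even a spoofed same-origin header fails without the right token.
    guessed = handle_admin_type("POST", session, {"action": "del", TOKEN_FIELD: "A" * 43},
                                {"Origin": "https://cms.example"})
    # Token present but delivered via GET (e.g. leaked into a URL): still refused.
    via_get = handle_admin_type("GET", session, {"action": "del", TOKEN_FIELD: token}, {})
    return {"legit": legit, "forged": forged, "guessed": guessed, "via_get": via_get}


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The token lives in the server-side session and is regenerated at login, so a lure page on another origin can neither read it nor guess it; the Origin check is a second, independent gate that also catches a token accidentally leaked into a URL or a log. Keep both: either one alone has known bypasses (a token copied into a GET link, or a missing Origin header on an older client).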

