是威少喽

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.9 **Description** A remote code execution (RCE) issue was discovered in SeaCMS via the component /augap/adminip.php. This allows for potential code execution by remote attackers. **Recommendations** For SeaCMS version 12.9, consider disabling access to the /augap/adminip.php component until a patch is available. Restricting access to this component can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SeaCMS version 12.8 **Description** A cross-site scripting (XSS) vulnerability in the component `admin Video.php` of SeaCMS allows attackers to execute arbitrary web scripts or HTML via a crafted payload. **Recommendations** For SeaCMS version 12.8, consider disabling the `admin Video.php` component until a patch is available to prevent exploitation of the XSS vulnerability.