CVE-2023-0960

Name of the Vulnerable Software and Affected Versions SeaCMS version 11.6

Description A problematic issue was found in the Picture Management component, specifically affecting some unknown functionality of the file /data/config.ftp.php. This issue leads to deserialization and can be exploited remotely.

Recommendations For SeaCMS version 11.6, consider restricting access to the /data/config.ftp.php file until a patch is available. As a temporary workaround, avoid using the Picture Management component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.