CVE-2025-60449

Name of the Vulnerable Software and Affected Versions SeaCMS version 13.1

Description An information disclosure issue exists in SeaCMS 13.1. The flaw is located in the admin safe.php component within the /btcoan/ directory. Authenticated administrators can scan and download the application’s source code and potentially any file accessible on the server’s root directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.