SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.
2c7d6fde362078986308ded7ffb7656180b3a2a54c0736c861bf3fe6f0c9453c