Vulnerabilities > S CMS

DATE CVE VULNERABILITY TITLE RISK
2024-01-04 CVE-2023-29962 Path Traversal vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability.
network
low complexity
s-cms CWE-22
6.5
2023-12-31 CVE-2023-7190 SQL Injection vulnerability in S-Cms 1.0/1.5/2.0
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006.
network
low complexity
s-cms CWE-89
8.8
2023-12-31 CVE-2023-7191 SQL Injection vulnerability in S-Cms 1.0/1.5/2.0
A vulnerability, which was classified as critical, was found in S-CMS up to 2.0_build20220529-20231006.
network
low complexity
s-cms CWE-89
8.8
2023-12-31 CVE-2023-7189 SQL Injection vulnerability in S-Cms 1.0/1.5/2.0
A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006.
network
low complexity
s-cms CWE-89
8.8
2023-12-21 CVE-2023-51048 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
9.8
2023-12-21 CVE-2023-51049 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
9.8
2023-12-21 CVE-2023-51050 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
9.8
2023-12-21 CVE-2023-51051 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
9.8
2023-12-21 CVE-2023-51052 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
9.8
2023-05-05 CVE-2023-29963 Unspecified vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.
network
low complexity
s-cms
7.2