Vulnerabilities > S CMS > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-21 CVE-2023-51048 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-51049 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-51050 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-51051 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2023-12-21 CVE-2023-51052 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2022-02-14 CVE-2022-23336 SQL Injection vulnerability in S-Cms 5.0
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2021-09-27 CVE-2021-37270 Missing Authorization vulnerability in S-Cms CMS Enterprise Website Construction System 5.0
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0.
network
low complexity
s-cms CWE-862
critical
 9.8
9.8
2019-04-02 CVE-2019-10708 SQL Injection vulnerability in S-Cms 1.0
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2019-01-25 CVE-2019-6805 SQL Injection vulnerability in S-Cms 3.0
SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8
2018-12-26 CVE-2018-20480 SQL Injection vulnerability in S-Cms 1.0
An issue was discovered in S-CMS 1.0.
network
low complexity
s-cms CWE-89
critical
 9.8
9.8