Vulnerabilities > S CMS > S CMS > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-7190 | SQL Injection vulnerability in S-Cms 1.0/1.5/2.0 A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006. | 8.8 |
| 2023-12-31 | CVE-2023-7191 | SQL Injection vulnerability in S-Cms 1.0/1.5/2.0 A vulnerability, which was classified as critical, was found in S-CMS up to 2.0_build20220529-20231006. | 8.8 |
| 2023-12-31 | CVE-2023-7189 | SQL Injection vulnerability in S-Cms 1.0/1.5/2.0 A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. | 8.8 |
| 2021-09-01 | CVE-2020-20340 | SQL Injection vulnerability in S-Cms 1.0 A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information. | 5.0 |
| 2021-08-31 | CVE-2020-19046 | Cross-site Scripting vulnerability in S-Cms 1.0 Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='. | 3.5 |
| 2019-04-02 | CVE-2019-10708 | SQL Injection vulnerability in S-Cms 1.0 S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. | 7.5 |
| 2019-03-27 | CVE-2019-10237 | Cross-Site Request Forgery (CSRF) vulnerability in S-Cms 1.0 S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040. | 6.8 |
| 2019-03-22 | CVE-2019-9925 | Cross-site Scripting vulnerability in S-Cms 1.0 S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. | 4.3 |
| 2018-12-26 | CVE-2018-20480 | SQL Injection vulnerability in S-Cms 1.0 An issue was discovered in S-CMS 1.0. | 7.5 |
| 2018-12-26 | CVE-2018-20479 | SQL Injection vulnerability in S-Cms 1.0 An issue was discovered in S-CMS 1.0. | 7.5 |