Vulnerabilities > SEM CMS

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-10	CVE-2023-48864	SQL Injection vulnerability in Sem-Cms Semcms 4.8 SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php. network low complexity sem-cms CWE-89	7.5
2023-12-14	CVE-2023-50563	SQL Injection vulnerability in Sem-Cms Semcms 4.8 Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php. network low complexity sem-cms CWE-89 critical	9.8
2023-12-04	CVE-2023-48863	SQL Injection vulnerability in Sem-Cms Semcms 3.9 SEMCMS 3.9 is vulnerable to SQL Injection. network low complexity sem-cms CWE-89	7.5
2023-08-05	CVE-2020-23564	Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 3.9 File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMS_Upfile.php. network low complexity sem-cms CWE-434	7.2
2023-07-31	CVE-2023-37647	SQL Injection vulnerability in Sem-Cms Semcms 1.5 SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php. network low complexity sem-cms CWE-89 critical	9.8
2023-06-30	CVE-2020-18432	Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 3.7 File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges. network low complexity sem-cms CWE-434 critical	9.8
2023-05-19	CVE-2023-31707	SQL Injection vulnerability in Sem-Cms Semcms 1.5 SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. network low complexity sem-cms CWE-89 critical	9.8
2023-05-05	CVE-2023-30090	Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 4.2 Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. network low complexity sem-cms CWE-434 critical	9.8
2022-10-28	CVE-2021-38217	SQL Injection vulnerability in Sem-Cms Semcms 1.2 SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php. network low complexity sem-cms CWE-89 critical	9.8
2022-10-28	CVE-2021-38728	Cross-site Scripting vulnerability in Sem-Cms Semcms 1.1 SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting (XSS) via Ant_M_Coup.php. network low complexity sem-cms CWE-79	6.1

Vulnerabilities > SEM CMS {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"SEM CMS"}]}

Vulnerabilities > SEM CMS