Vulnerabilities > SEM CMS

DATE CVE VULNERABILITY TITLE RISK
2021-12-17 CVE-2020-18081 SQL Injection vulnerability in Sem-Cms Semcms 3.8
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.
network
low complexity
sem-cms CWE-89
7.5
2019-04-25 CVE-2019-11518 SQL Injection vulnerability in Sem-Cms Semcms 3.8
An issue was discovered in SEMCMS 3.8.
network
low complexity
sem-cms CWE-89
7.2
2018-12-10 CVE-2018-20017 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.5
SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI.
network
low complexity
sem-cms CWE-79
4.8
2018-10-30 CVE-2018-18841 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey parameter.
network
low complexity
sem-cms CWE-79
4.8
2018-10-30 CVE-2018-18840 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter.
network
low complexity
sem-cms CWE-79
5.4
2018-10-29 CVE-2018-18783 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter.
network
low complexity
sem-cms CWE-79
6.1
2018-10-29 CVE-2018-18745 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing.
network
low complexity
sem-cms CWE-79
4.8
2018-10-29 CVE-2018-18744 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI.
network
low complexity
sem-cms CWE-79
4.8
2018-10-29 CVE-2018-18743 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI.
network
low complexity
sem-cms CWE-79
4.8
2018-10-29 CVE-2018-18742 Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
network
low complexity
sem-cms CWE-352
8.8