Vulnerabilities > SEM CMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-10 | CVE-2023-48864 | SQL Injection vulnerability in Sem-Cms Semcms 4.8 SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php. | 7.5 |
| 2023-12-04 | CVE-2023-48863 | SQL Injection vulnerability in Sem-Cms Semcms 3.9 SEMCMS 3.9 is vulnerable to SQL Injection. | 7.5 |
| 2023-08-05 | CVE-2020-23564 | Unrestricted Upload of File with Dangerous Type vulnerability in Sem-Cms Semcms 3.9 File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMS_Upfile.php. | 7.2 |
| 2021-12-17 | CVE-2020-18081 | SQL Injection vulnerability in Sem-Cms Semcms 3.8 The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query. | 7.5 |
| 2019-04-25 | CVE-2019-11518 | SQL Injection vulnerability in Sem-Cms Semcms 3.8 An issue was discovered in SEMCMS 3.8. | 7.2 |
| 2018-10-29 | CVE-2018-18742 | Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4 A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI. | 8.8 |