Vulnerabilities > SEM CMS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-28 | CVE-2021-38728 | Cross-site Scripting vulnerability in Sem-Cms Semcms 1.1 SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting (XSS) via Ant_M_Coup.php. | 6.1 |
| 2021-12-17 | CVE-2020-18078 | Unspecified vulnerability in Sem-Cms Semcms 3.8 A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password. | 5.0 |
| 2021-12-17 | CVE-2020-18081 | SQL Injection vulnerability in Sem-Cms Semcms 3.8 The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query. | 5.0 |
| 2019-04-25 | CVE-2019-11518 | SQL Injection vulnerability in Sem-Cms Semcms 3.8 An issue was discovered in SEMCMS 3.8. | 6.5 |
| 2018-10-29 | CVE-2018-18783 | Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4 XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter. | 4.3 |
| 2018-10-29 | CVE-2018-18742 | Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4 A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI. | 6.8 |