Vulnerabilities > SEM CMS > Semcms > 3.4

DATE CVE VULNERABILITY TITLE RISK
2018-10-30 CVE-2018-18841 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey parameter.
network
sem-cms CWE-79
3.5
3.5
2018-10-30 CVE-2018-18840 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18783 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter.
network
sem-cms CWE-79
4.3
4.3
2018-10-29 CVE-2018-18745 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18744 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18743 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18742 Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
network
sem-cms CWE-352
6.8
6.8
2018-10-29 CVE-2018-18741 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1 during editing.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18740 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the first input field to the admin/SEMCMS_Link.php?lgid=1 URI.
network
sem-cms CWE-79
3.5
3.5
2018-10-29 CVE-2018-18739 Cross-site Scripting vulnerability in Sem-Cms Semcms 3.4
An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Products.php?lgid=1 Keywords field.
network
sem-cms CWE-79
3.5
3.5