Vulnerabilities > SEM CMS > Semcms > 4.8

DATE CVE VULNERABILITY TITLE RISK
2024-02-28 CVE-2024-25422 SQL Injection vulnerability in Sem-Cms Semcms 4.8
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMS_Menu.php component.
network
low complexity
sem-cms CWE-89
critical
 9.8
9.8
2024-01-10 CVE-2023-48864 SQL Injection vulnerability in Sem-Cms Semcms 4.8
SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php.
network
low complexity
sem-cms CWE-89
7.5
7.5
2023-12-14 CVE-2023-50563 SQL Injection vulnerability in Sem-Cms Semcms 4.8
Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php.
network
low complexity
sem-cms CWE-89
critical
 9.8
9.8