SEMCMS is a foreign trade web content management system (CMS) that supports multiple languages. SQL injection vulnerability exists in SEMCMS SHOP version 1.1, which originates from the lack of validation of externally entered SQL statements in Ant_Pro.php. An attacker can use this vulnerability to execute illegal SQL commands to steal database data.