Lucene search
China National Vulnerability DatabaseCNVD-2023-41864HistoryMay 23, 2023 - 12:00 a.m.
SEMCMS SQL Injection Vulnerability (CNVD-2023-41864)
2023-05-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
semcms
sql injection
version 1.5
illegal commands
sensitive data
0.001 Low
EPSS
Percentile
46.8%
SEMCMS is a foreign trade web content management system (CMS) that supports multiple languages. A SQL injection vulnerability exists in SEMCMS version 1.5, which originates from the lack of validation of external input SQL statements in Ant_Rponse.php. An attacker can exploit this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| semcms semcms | eq | 1.5 |
Related
cvelist
cvelist
CVE-2023-31707
2023-05-19 00:00:00
prion
prion
Sql injection
2023-05-19 14:15:00
cve
cve
CVE-2023-31707
2023-05-19 14:15:09
nvd
nvd
CVE-2023-31707
2023-05-19 14:15:09