2 matches found
CVE-2024-36800
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php...
CVE-2024-36800
CVE-2024-36800: A SQL injection vulnerability in SEMCMS v4.8 allows a remote attacker to disclose sensitive information via the ID parameter in Download.php. Root cause: improper handling of the ID parameter enables unauthorized database access. Impact is information disclosure; no exploitation d...