2 matches found
CVE-2024-31009
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...
PT-2024-13655 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SEMCMS version 4.8 Description: A SQL injection issue was discovered via the languageID parameter in the "/web inc.php" API endpoint. This allows for potential exploitation. Recommendations: For SEMCMS version 4.8, consider restricting access...