5 matches found
CVE-2020-20340
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information...
Sql injection
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information...
CVE-2020-20340
CVE-2020-20340 affects S-CMS v1.0, where a SQL injection flaw in the 4.edu.phpconnfunction.php component exposes sensitive database information. Connected sources corroborate the issue in S-CMS, linking the vulnerability to the 4.edu.phpconnfunction.php path and version 1.0. The root cause is uns...
CVE-2020-20340
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information...
CVE-2020-19046
CVE-2020-19046 concerns a cross-site scripting (XSS) vulnerability in S-CMS v1.0. The issue is triggered via the component “/admin/tpl.php?page=”, allowing remote attackers to execute arbitrary code. The available connected sources consistently describe the vulnerability as an XSS in S-CMS v1.0 w...