CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

ATTACKERKB•added 2026/01/29 12:2 a.m.•5 views

CVE-2026-1552

A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMSInfo.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be...

6.5CVSS5.7AI score0.00018EPSS

Exploits1References4

Positive Technologies•added 2026/01/29 12:0 a.m.•3 views

PT-2026-5241

Name of the Vulnerable Software and Affected Versions SEMCMS version 5.0 Description A security issue exists in SEMCMS 5.0 related to SQL injection. The issue is located in the /SEMCMS Info.php file, where manipulation of the searchml argument can lead to a successful attack. This attack can be...

9.8CVSS6.4AI score0.00018EPSS

Exploits1References8

OSV•added 2024/05/07 3:15 p.m.•0 views

CVE-2024-4595

A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS5.6AI score0.00117EPSS

Exploits1References4

OSV•added 2024/04/03 4:15 a.m.•2 views

CVE-2024-31010

SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...

7.5CVSS5.9AI score0.00126EPSS

Exploits1References1

OSV•added 2024/03/29 3:15 p.m.•2 views

CVE-2024-28405

SEMCMS 4.8 is vulnerable to Incorrect Access Control. The code installs SEMCMSFuntion.php before checking if the admin is a valid user in the admin page because authentication function is called from there, users gain admin privileges...

7.2CVSS5.8AI score0.0019EPSS

Exploits1References2

OSV•added 2024/02/28 11:15 p.m.•0 views

CVE-2024-25422

SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...

9.8CVSS6.2AI score0.01454EPSS

Exploits1References1

OSV•added 2023/08/05 2:15 a.m.•0 views

CVE-2020-23564

File Upload vulnerability in SEMCMS 3.9 allows remote attackers to run arbitrary code via SEMCMSUpfile.php...

7.2CVSS6AI score

Exploits0References2

OSV•added 2023/06/30 2:15 a.m.•0 views

CVE-2020-18432

File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges...

9.8CVSS5.9AI score0.00668EPSS

Exploits0References2

OSV•added 2022/10/28 4:15 p.m.•1 views

CVE-2021-38733

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via AntBlogCat.php...

9.8CVSS5.8AI score

Exploits0References2

OSV•added 2021/12/17 5:15 p.m.•0 views

CVE-2020-18078

A vulnerability in /include/webcheck.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password...

9.8CVSS7.3AI score0.00441EPSS

Exploits1References1

CNVD•added 2018/12/11 12:0 a.m.•1 views

SEMCMS cross-site scripting vulnerability (CNVD-2019-05836)

SemCms is a set of open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox, google, 360 and other mainstream browsers. SEMCMS 3.5 cross-site scripting vulnerability , attackers can use the vulnerability through the...

4.8CVSS6.3AI score0.00235EPSS

Exploits1References1

OSV•added 2018/10/29 12:29 p.m.•1 views

CVE-2018-18740

An XSS issue was discovered in SEMCMS 3.4 via the first input field to the admin/SEMCMSLink.php?lgid=1 URI...

4.8CVSS5.8AI score0.00235EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by