8 matches found
CVE-2020-18081
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query...
CVE-2020-18081
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query...
Design/Logic Flaw
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query...
CVE-2020-18081
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query...
Sql injection
An issue was discovered in SEMCMS 3.8. SEMCMSInquiry.php allows AID SQL Injection because the class.phpmailer.php injectchecksql protection mechanism is incomplete...
CVE-2019-11518
An issue was discovered in SEMCMS 3.8. SEMCMSInquiry.php allows AID SQL Injection because the class.phpmailer.php injectchecksql protection mechanism is incomplete...
CVE-2019-11518
An issue was discovered in SEMCMS 3.8. SEMCMSInquiry.php allows AID SQL Injection because the class.phpmailer.php injectchecksql protection mechanism is incomplete...
CVE-2019-11518
CVE-2019-11518 affects SEMCMS 3.8 with a SQL injection in SEMCMS_Inquiry.php due to incomplete protection in class.phpmailer.php inject_check_sql. The root cause is an incomplete safeguard allowing AID[] manipulation to inject SQL. CVSS metrics (NVD) list a v3 base score 7.2 (HIGH), network attac...