16 matches found
CVE-2024-36800
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php...
CVE-2024-36801
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php...
CVE-2024-30938
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMSUser.php component...
CVE-2024-32409
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script...
CVE-2024-30938
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMSUser.php component...
CVE-2024-30938
The CVE-2024-30938 issue affects SEMCMS v4.8 and originates from a SQL injection in the SEMCMS_User.php component, allowing a remote attacker to obtain sensitive information via the ID parameter. The vulnerability is described across multiple sources as a SQLi in SEMCMS v4.8 with high impact (con...
CVE-2024-31009
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via lgid parameter in Banner.php...
CVE-2024-31010
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...
CVE-2024-31010
CVE-2024-31010 affects SEMCMS v4.8; the vulnerability is a SQL injection via the ID parameter in Banner.php. Root cause is an injectable ID parameter exposing sensitive information. Documented impact is high confidentiality risk with no availability/ integrity impact. Related sources confirm the ...
CVE-2024-31010
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...
CVE-2024-31010
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...
CVE-2024-31009
CVE-2024-31009 involves a SQL injection in SEMCMS v4.8, exploitable via the lgid parameter in Banner.php. The vulnerability could allow a remote attacker to obtain sensitive information. No exploitation details are provided in the documents; CVSS base score is 6.5 (MEDIUM). Remediation or workaro...
CVE-2024-25422
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...
Sql injection
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...
CVE-2024-25422
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...
CVE-2024-25422
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...