12 matches found
CVE-2023-50563
Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMSFunction.php...
EUVD-2024-22751
Malicious code in bioql PyPI...
EUVD-2024-36219
Malicious code in bioql PyPI...
CVE-2024-32409
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script...
CVE-2024-31010
SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php...
CVE-2024-25422
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMSMenu.php component...
CVE-2024-36800
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php...
CVE-2024-36801
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php...
CVE-2024-36801
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php...
PT-2024-27163 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SEMCMS version 4.8 Description: A SQL injection issue allows a remote attacker to obtain sensitive information via the ID parameter in "Download.php". Recommendations: For SEMCMS version 4.8, update to a version that fixes this issue, as usin...
PT-2024-23682 · Semcms · Semcms
Name of the Vulnerable Software and Affected Versions: SEMCMS version 4.8 Description: The issue allows a remote attacker to obtain sensitive information. This is achieved via the ID parameter in the SEMCMS User.php component. Recommendations: For SEMCMS version 4.8, avoid using the ID parameter ...
CVE-2024-36801
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php...