SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.
8.7AI Score
0.001EPSS
S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.
7.3AI Score
0.006EPSS
Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.
7.4AI Score
0.011EPSS
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
8.7AI Score
0.001EPSS
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.
5.9AI Score
0.002EPSS