S-cms Security Vulnerabilities and Issues — S-cms CVE List

Lucene search

MatteoiammarroneS-cms

5 matches found

CVE•added 2009/03/10 2:30 p.m.•46 views

CVE-2009-0863

SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.7AI score0.00217EPSS

CVE•added 2009/05/01 5:30 p.m.•45 views

CVE-2009-1502

Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.

7.5CVSS7.4AI score0.01313EPSS

CVE•added 2011/03/23 10:0 p.m.•43 views

CVE-2010-4771

SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.7AI score0.00115EPSS

CVE•added 2011/03/23 10:0 p.m.•42 views

CVE-2010-4772

Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter to viewforum.php.

4.3CVSS5.9AI score0.00187EPSS

CVE•added 2009/03/10 2:30 p.m.•37 views

CVE-2009-0864

S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.

7.5CVSS7.3AI score0.00722EPSS