Semcms Security Vulnerabilities and Issues — Semcms CVE List

Lucene search

Sem-cmsSemcms

21 matches found

CVE•added 2024/02/28 11:15 p.m.•7783 views

CVE-2024-25422

SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMS_Menu.php component.

9.8CVSS8.2AI score0.01454EPSS

CVE•added 2024/04/03 4:15 a.m.•53 views

CVE-2024-31012

An issue was discovered in SEMCMS v.4.8, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the upload.php file.

9.8CVSS7.5AI score0.02899EPSS

CVE•added 2025/03/27 4:15 p.m.•52 views

CVE-2025-25686

semcms

9.8CVSS7.7AI score0.00049EPSS

CVE•added 2022/10/28 4:15 p.m.•49 views

CVE-2021-38733

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2023/06/30 2:15 a.m.•48 views

CVE-2020-18432

File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges.

9.8CVSS9.5AI score0.00501EPSS

CVE•added 2022/10/28 4:15 p.m.•45 views

CVE-2021-38729

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2022/08/09 7:15 a.m.•43 views

CVE-2022-2726

A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The ass...

9.8CVSS8.4AI score0.00062EPSS

CVE•added 2024/04/19 12:15 a.m.•43 views

CVE-2024-30938

SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component.

9.8CVSS7.5AI score0.00434EPSS

CVE•added 2023/05/19 2:15 p.m.•42 views

CVE-2023-31707

SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.

9.8CVSS9.8AI score0.00066EPSS

CVE•added 2022/10/28 4:15 p.m.•41 views

CVE-2021-38217

SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.

9.8CVSS9.8AI score0.0007EPSS

CVE•added 2022/10/28 3:15 p.m.•41 views

CVE-2021-38734

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2022/10/28 3:15 p.m.•41 views

CVE-2021-38736

SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2022/10/28 3:15 p.m.•40 views

CVE-2021-38737

SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2023/05/05 3:15 a.m.•38 views

CVE-2023-30090

Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file.

9.8CVSS9.7AI score0.00115EPSS

CVE•added 2022/10/28 4:15 p.m.•37 views

CVE-2021-38730

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2022/10/28 4:15 p.m.•37 views

CVE-2021-38731

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.

9.8CVSS9.8AI score0.00341EPSS

CVE•added 2021/12/17 5:15 p.m.•35 views

CVE-2020-18078

A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.