📦 Semcms
by Sem Cms
🔍 What is Semcms?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows attackers to execute arbitrary SQL commands through SEMCMS_Fuction.php in SEMCMS versions up to 5.0. Attackers can potentially access, modify, or delete database content. All...
This SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to extract sensitive database information by manipulating the ID parameter in SEMCMS_User.php. Any organization using the vulner...
This vulnerability in SEMCMS v4.8 allows remote attackers to upload malicious files via upload.php, leading to arbitrary code execution, privilege escalation, and sensitive information disclosure. Any...
This SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to execute arbitrary SQL commands through the SEMCMS_Menu.php component. Attackers can potentially read, modify, or delete datab...
CVE-2020-18432 is a critical file upload vulnerability in SEMCMS PHP 3.7 that allows remote attackers to upload arbitrary files, including web shells, to gain escalated privileges and potentially achi...
CVE-2023-31707 is a critical SQL injection vulnerability in SEMCMS 1.5 that allows attackers to execute arbitrary SQL commands via the Ant_Rponse.php file. This affects all websites running SEMCMS 1.5...
This vulnerability in SEMCMS v3.8 allows unauthenticated attackers to reset the administrator password via a flaw in /include/web_check.php. Attackers can gain administrative access to the CMS, affect...
This vulnerability in SEMCMS v4.8 allows remote attackers to execute arbitrary code by uploading or injecting crafted scripts. It affects all users running SEMCMS v4.8, potentially compromising websit...
This SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to extract sensitive information from the database by manipulating the ID parameter in Banner.php. All websites running SEMCMS v...
SEMCMS v4.8 contains a SQL injection vulnerability in the languageID parameter of /web_inc.php that allows attackers to execute arbitrary SQL commands. This affects all SEMCMS v4.8 installations using...
CVE-2023-48863 is an SQL injection vulnerability in SEMCMS 3.9 that allows attackers to execute arbitrary SQL commands through the application. This affects all SEMCMS 3.9 installations where user inp...
This SQL injection vulnerability in SEMCMS 5.0 allows attackers to manipulate database queries through the searchml parameter in /SEMCMS_Info.php. Attackers can potentially read, modify, or delete dat...
SemCms v5.0 contains a SQL injection vulnerability in the SEMCMS_Quanxian.php file via the pid parameter. This allows attackers to execute arbitrary SQL commands on the database. All users running Sem...
SemCms v5.0 contains a SQL injection vulnerability in the SEMCMS_Link.php file through the lgid parameter. This allows attackers to execute arbitrary SQL commands on the database. All users running Se...
SemCms v5.0 contains a SQL injection vulnerability in the ID parameter of SEMCMS_Products.php. This allows attackers to execute arbitrary SQL commands on the database. Users running SemCms v5.0 are af...
This SQL injection vulnerability in SemCms v5.0 allows attackers to manipulate database queries through the pid parameter in SEMCMS_ct.php. It affects all users running the vulnerable version of SemCm...
This vulnerability allows remote attackers to execute arbitrary SQL commands via the SEMCMS_Images.php file in SEMCMS's Image Library Management Page. It affects all SEMCMS installations up to version...
SemCms v4.8 contains a SQL injection vulnerability in the SEMCMS_SeoAndTag.php component via the ldgid parameter. This allows attackers to execute arbitrary SQL commands, potentially leading to data t...
A SQL injection vulnerability in SEMCMS v4.8 allows remote attackers to extract sensitive information from the database by manipulating the lgid parameter in Download.php. This affects all SEMCMS v4.8...