Shodan
Vulnerabilities
Vulnerable Software
S-Cms:  >> S-Cms  >> 3.0  Security Vulnerabilities
CVE-2018-20018
S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by the /1/?type=productinfo&S_id=140 URI.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-12-10
CVE-2018-18426
s-cms 3.0 allows remote attackers to execute arbitrary PHP code by placing this code in a crafted User-agent Disallow value in the robots.php txt parameter.
CVSS Score
8.8
EPSS Score
0.021
Published
2018-10-17
CVE-2018-18427
s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-10-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved