SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-10-28
SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-10-28
A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205839.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-08-09
A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-12-17
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.
CVSS Score
7.5
EPSS Score
0.003
Published
2021-12-17
An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] SQL Injection because the class.phpmailer.php inject_check_sql protection mechanism is incomplete.
CVSS Score
7.2
EPSS Score
0.003
Published
2019-04-25
SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-12-10
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-10-30
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-10-30
XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-29