S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-01-04
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-21
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-21
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-12-21
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-21
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-12-21
S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.
CVSS Score
7.2
EPSS Score
0.01
Published
2023-05-05
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-215197 was assigned to this vulnerability.
CVSS Score
3.5
EPSS Score
0.001
Published
2022-12-09
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-02-14
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
CVSS Score
6.1
EPSS Score
0.004
Published
2021-12-22
Page 1