RSS   Vulnerabilities for 'Semcms'   RSS

2021-12-17
 
CVE-2020-18078

NVD-CWE-noinfo
 

 
A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.

 
 
CVE-2020-18081

CWE-89
 

 
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.

 
2019-04-25
 
CVE-2019-11518

CWE-89
 

 
An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] SQL Injection because the class.phpmailer.php inject_check_sql protection mechanism is incomplete.

 
2018-12-10
 
CVE-2018-20017

CWE-79
 

 
SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI.

 
2018-10-30
 
CVE-2018-18841

CWE-79
 

 
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey parameter.

 
 
CVE-2018-18840

CWE-79
 

 
XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter.

 
2018-10-29
 
CVE-2018-18783

CWE-79
 

 
XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter.

 
 
CVE-2018-18745

CWE-79
 

 
An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing.

 
 
CVE-2018-18744

CWE-79
 

 
An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI.

 
 
CVE-2018-18743

CWE-79
 

 
An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI.

 


Copyright 2024, cxsecurity.com

 

Back to Top