Sem-cms ≫ Semcms

SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.

A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.

A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.

An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] SQL Injection because the class.phpmailer.php inject_check_sql protection mechanism is incomplete.

SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI.

XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey parameter.

XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter.

XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter.