Semcms

semcms

Vendor: Sem Cms • 59 CVEs

CVEs (59)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-1552 1Sem Cms 1Semcms Apr 29, 2026 Jan 29, 2026 2.1 LOW· v4 9.8 CRITICAL· v3 6.5 MEDIUM· v2 A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMS_Info.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to...Show more A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMS_Info.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-51660 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php.
CVE-2025-51659 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.
CVE-2025-51658 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.
CVE-2025-51657 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.
CVE-2025-51656 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.
CVE-2025-51655 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.
CVE-2025-51654 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php.
CVE-2025-51653 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php.
CVE-2025-51652 1Sem Cms 1Semcms Jul 15, 2025 Jul 14, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php.
CVE-2025-25686 1Sem Cms 1Semcms Apr 11, 2025 Mar 27, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php.
CVE-2024-13193 1Sem Cms 1Semcms Apr 4, 2025 Jan 8, 2025 5.3 MEDIUM· v4 4.9 MEDIUM· v3 6.5 MEDIUM· v2 A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file SEMCMS_Images.php of the component Image Library Management Page. The...Show more A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file SEMCMS_Images.php of the component Image Library Management Page. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-53502 1Sem Cms 1Semcms Apr 4, 2025 Dec 3, 2024 N/A· v4 3.8 LOW· v3 N/A· v2 Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php page.
CVE-2024-52725 1Sem Cms 1Semcms Apr 4, 2025 Nov 20, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component.
CVE-2024-46103 1Sem Cms 1Semcms Apr 4, 2025 Sep 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
CVE-2024-36801 1Sem Cms 1Semcms Apr 3, 2025 Jun 4, 2024 N/A· v4 5.9 MEDIUM· v3 N/A· v2 A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php.
CVE-2024-36800 1Sem Cms 1Semcms Apr 3, 2025 Jun 4, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php.
CVE-2024-4595 1Sem Cms 1Semcms Apr 4, 2025 May 7, 2024 N/A· v4 6.5 MEDIUM· v3 6.5 MEDIUM· v2 A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be la...Show more A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263317 was assigned to this vulnerability.Show less
CVE-2024-32409 1Sem Cms 1Semcms Apr 4, 2025 Apr 19, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
CVE-2024-30938 1Sem Cms 1Semcms Apr 4, 2025 Apr 19, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component.

12 3 Next