Sem-cms Semcms
59 CVEs affecting Sem-cms Semcms. Latest disclosed: 2026-01-29. Critical: 20, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-25686 | Critical | 9.8 | 2025-03-27 | semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php. |
CVE-2024-46103 | Critical | 9.8 | 2024-09-20 | SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php. |
CVE-2024-30938 | Critical | 9.8 | 2024-04-19 | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component. |
CVE-2024-31012 | Critical | 9.8 | 2024-04-03 | An issue was discovered in SEMCMS v.4.8, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the uploa… |
CVE-2024-25422 | Critical | 9.8 | 2024-02-28 | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMS_Menu.php compone… |
CVE-2023-50563 | Critical | 9.8 | 2023-12-14 | Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php. |
CVE-2023-37647 | Critical | 9.8 | 2023-07-31 | SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php. |
CVE-2020-18432 | Critical | 9.8 | 2023-06-30 | File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges. |
CVE-2023-31707 | Critical | 9.8 | 2023-05-19 | SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. |
CVE-2023-30090 | Critical | 9.8 | 2023-05-05 | Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to e… |
CVE-2021-38733 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php. |
CVE-2021-38732 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php. |
CVE-2021-38731 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php. |
CVE-2021-38730 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php. |
CVE-2021-38729 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php. |
CVE-2021-38217 | Critical | 9.8 | 2022-10-28 | SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php. |
CVE-2021-38737 | Critical | 9.8 | 2022-10-28 | SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php. |
CVE-2021-38736 | Critical | 9.8 | 2022-10-28 | SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php. |
CVE-2021-38734 | Critical | 9.8 | 2022-10-28 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php. |
CVE-2020-18078 | Critical | 9.8 | 2021-12-17 | A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password. |