Sem-cms Semcms

59 CVEs affecting Sem-cms Semcms. Latest disclosed: 2026-01-29. Critical: 20, High: 10.

Top CVEs affecting Sem-cms Semcms
CVESeverityScorePublishedSummary
CVE-2025-25686Critical9.82025-03-27semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php.
CVE-2024-46103Critical9.82024-09-20SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
CVE-2024-30938Critical9.82024-04-19SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component.
CVE-2024-31012Critical9.82024-04-03An issue was discovered in SEMCMS v.4.8, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via the uploa…
CVE-2024-25422Critical9.82024-02-28SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the SEMCMS_Menu.php compone…
CVE-2023-50563Critical9.82023-12-14Semcms v4.8 was discovered to contain a SQL injection vulnerability via the AID parameter at SEMCMS_Function.php.
CVE-2023-37647Critical9.82023-07-31SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php.
CVE-2020-18432Critical9.82023-06-30File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges.
CVE-2023-31707Critical9.82023-05-19SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.
CVE-2023-30090Critical9.82023-05-05Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to e…
CVE-2021-38733Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php.
CVE-2021-38732Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php.
CVE-2021-38731Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.
CVE-2021-38730Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php.
CVE-2021-38729Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.
CVE-2021-38217Critical9.82022-10-28SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.
CVE-2021-38737Critical9.82022-10-28SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.
CVE-2021-38736Critical9.82022-10-28SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.
CVE-2021-38734Critical9.82022-10-28SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.
CVE-2020-18078Critical9.82021-12-17A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.