Filtered by vendor S-cms
Subscribe
Search
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51051 | 1 S-cms | 1 S-cms | 2023-12-29 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51052 | 1 S-cms | 1 S-cms | 2023-12-29 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51049 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51050 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php. | |||||
| CVE-2023-51048 | 1 S-cms | 1 S-cms | 2023-12-27 | N/A | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php. | |||||
| CVE-2022-23336 | 1 S-cms | 1 S-cms | 2022-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter. | |||||
| CVE-2021-37270 | 1 S-cms | 1 Cms Enterprise Website Construction System | 2021-10-06 | 10.0 HIGH | 9.8 CRITICAL |
| There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority. | |||||
| CVE-2019-10708 | 1 S-cms | 1 S-cms | 2019-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. | |||||
| CVE-2019-6805 | 1 S-cms | 1 S-cms | 2019-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter. | |||||
| CVE-2018-20479 | 1 S-cms | 1 S-cms | 2018-12-31 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo S_id parameter. | |||||
| CVE-2018-20480 | 1 S-cms | 1 S-cms | 2018-12-31 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter. | |||||
| CVE-2018-20477 | 1 S-cms | 1 S-cms | 2018-12-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in S-CMS 3.0. It allows SQL Injection via the bank/callback1.php P_no field. | |||||
| CVE-2018-18887 | 1 S-cms | 1 S-cms | 2018-12-08 | 7.5 HIGH | 9.8 CRITICAL |
| S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field). | |||||
| CVE-2018-18427 | 1 S-cms | 1 S-cms | 2018-12-03 | 7.5 HIGH | 9.8 CRITICAL |
| s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php. | |||||