Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms s-cms 1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-7189
A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection. The exploit has been dis...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
NA
CVE-2023-7190
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument A_text/A_url/A_contact leads to sql injection. ...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
NA
CVE-2023-7191
A vulnerability, which was classified as critical, was found in S-CMS up to 2.0_build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument M_login/M_email leads to sql injection. The exploit has been disclosed to the public a...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
6.8
CVSSv2
CVE-2019-10237
S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040.
S-cms S-cms 1.0
5
CVSSv2
CVE-2020-20340
A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows malicious users to access sensitive database information.
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2018-18887
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2019-10708
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
S-cms S-cms 1.0
1 Github repository
3.5
CVSSv2
CVE-2020-19046
Cross Site Scripting (XSS) in S-CMS v1.0 allows remote malicious users to execute arbitrary code via the component '/admin/tpl.php?page='.
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2018-20479
An issue exists in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo S_id parameter.
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2018-20480
An issue exists in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter.
S-cms S-cms 1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »