Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms s-cms 3.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-20698
A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows malicious users to getshell via modification of a PHP file.
S-cms S-cms 3.0
3.5
CVSSv2
CVE-2020-20701
A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
S-cms S-cms 3.0
4.3
CVSSv2
CVE-2019-16312
s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
S-cms S-cms 3.0
5
CVSSv2
CVE-2020-19954
An XML External Entity (XXE) vulnerability exists in /api/notify.php in S-CMS 3.0 which allows malicious users to read arbitrary files.
S-cms S-cms 3.0
6.8
CVSSv2
CVE-2019-9040
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332.
S-cms S-cms 3.0
7.5
CVSSv2
CVE-2019-6805
SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter.
S-cms S-cms 3.0
5
CVSSv2
CVE-2018-20018
S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by the /1/?type=productinfo&S_id=140 URI.
S-cms S-cms 3.0
9
CVSSv2
CVE-2018-18426
s-cms 3.0 allows remote malicious users to execute arbitrary PHP code by placing this code in a crafted User-agent Disallow value in the robots.php txt parameter.
S-cms S-cms 3.0
4.3
CVSSv2
CVE-2018-20476
An issue exists in S-CMS 3.0. It allows XSS via the admin/demo.php T_id parameter.
S-cms S-cms 3.0
7.5
CVSSv2
CVE-2018-20477
An issue exists in S-CMS 3.0. It allows SQL Injection via the bank/callback1.php P_no field.
S-cms S-cms 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »