Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19145
An issue exists in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter.
S-cms S-cms 1.5
4.3
CVSSv2
CVE-2020-20425
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
S-cms S-cms 5.0
3.5
CVSSv2
CVE-2020-19046
Cross Site Scripting (XSS) in S-CMS v1.0 allows remote malicious users to execute arbitrary code via the component '/admin/tpl.php?page='.
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2019-6805
SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter.
S-cms S-cms 3.0
NA
CVE-2023-29962
S-CMS v5.0 exists to contain an arbitrary file read vulnerability.
S-cms S-cms 5.0
NA
CVE-2023-29963
S-CMS v5.0 exists to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.
S-cms S-cms 5.0
3.5
CVSSv2
CVE-2020-20700
A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box.
S-cms S-cms 3.0
3.5
CVSSv2
CVE-2020-20701
A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
S-cms S-cms 3.0
5
CVSSv2
CVE-2020-19954
An XML External Entity (XXE) vulnerability exists in /api/notify.php in S-CMS 3.0 which allows malicious users to read arbitrary files.
S-cms S-cms 3.0
6.8
CVSSv2
CVE-2018-19332
An issue exists in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add URI.
S-cms S-cms 1.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »