Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-20477
An issue exists in S-CMS 3.0. It allows SQL Injection via the bank/callback1.php P_no field.
S-cms S-cms 3.0
7.5
CVSSv3
CVE-2018-20478
An issue exists in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownName=download.Php value.
S-cms S-cms 1.0
9.8
CVSSv3
CVE-2018-20479
An issue exists in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo S_id parameter.
S-cms S-cms 1.0
6.1
CVSSv3
CVE-2018-20476
An issue exists in S-CMS 3.0. It allows XSS via the admin/demo.php T_id parameter.
S-cms S-cms 3.0
9.8
CVSSv3
CVE-2018-20480
An issue exists in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter.
S-cms S-cms 1.0
7.5
CVSSv3
CVE-2018-20018
S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by the /1/?type=productinfo&S_id=140 URI.
S-cms S-cms 3.0
7.5
CVSSv3
CVE-2018-19331
An issue exists in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter.
S-cms S-cms 1.5
8.8
CVSSv3
CVE-2018-19332
An issue exists in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add URI.
S-cms S-cms 1.5
6.1
CVSSv3
CVE-2018-19145
An issue exists in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter.
S-cms S-cms 1.5
9.8
CVSSv3
CVE-2018-18887
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
S-cms S-cms 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »