Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-19158
Cross Site Scripting (XSS) in S-CMS build 20191014 and previous versions allows remote malicious users to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'.
S-cms S-cms 2019-10-14
7.5
CVSSv2
CVE-2009-1502
Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the page parameter.
Matteoiammarrone S-cms 1.5.2
Matteoiammarrone S-cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-4771
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 2.5
1 EDB exploit
4.3
CVSSv2
CVE-2010-4772
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote malicious users to inject arbitrary web script or HTML via the id parameter to viewforum.php.
Matteoiammarrone S-cms 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0864
S-Cms 1.1 Stable allows remote malicious users to bypass authentication and obtain administrative access via an OK value for the login cookie.
Matteoiammarrone S-cms 1.1
1 EDB exploit
10
CVSSv2
CVE-2021-37270
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority.
S-cms Cms Enterprise Website Construction System 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5