Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-7189
A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection. The exploit has been dis...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
NA
CVE-2023-7190
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument A_text/A_url/A_contact leads to sql injection. ...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
NA
CVE-2023-7191
A vulnerability, which was classified as critical, was found in S-CMS up to 2.0_build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument M_login/M_email leads to sql injection. The exploit has been disclosed to the public a...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
4.3
CVSSv2
CVE-2019-16312
s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
S-cms S-cms 3.0
7.5
CVSSv2
CVE-2019-6805
SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi.php O_id parameter.
S-cms S-cms 3.0
NA
CVE-2022-4377
A vulnerability was found in S-CMS 5.0 Build 20220328. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Contact Information Page. The manipulation of the argument Make a Call leads to cross site scripting. The attack...
S-cms S-cms 5.0
6.8
CVSSv2
CVE-2019-10237
S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040.
S-cms S-cms 1.0
7.5
CVSSv2
CVE-2018-18427
s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php.
S-cms S-cms 3.0
4.3
CVSSv2
CVE-2020-20425
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.
S-cms S-cms 5.0
4.3
CVSSv2
CVE-2020-20426
S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.
S-cms S-cms 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »