Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-7189
A vulnerability classified as critical was found in S-CMS up to 2.0_build20220529-20231006. Affected by this vulnerability is an unknown functionality of the file /s/index.php?action=statistics. The manipulation of the argument lid leads to sql injection. The exploit has been dis...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
8.8
CVSSv3
CVE-2023-7190
A vulnerability, which was classified as critical, has been found in S-CMS up to 2.0_build20220529-20231006. Affected by this issue is some unknown functionality of the file /member/ad.php?action=ad. The manipulation of the argument A_text/A_url/A_contact leads to sql injection. ...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
8.8
CVSSv3
CVE-2023-7191
A vulnerability, which was classified as critical, was found in S-CMS up to 2.0_build20220529-20231006. This affects an unknown part of the file member/reg.php. The manipulation of the argument M_login/M_email leads to sql injection. The exploit has been disclosed to the public a...
S-cms S-cms 1.0
S-cms S-cms 1.5
S-cms S-cms 2.0
6.1
CVSSv3
CVE-2019-16312
s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
S-cms S-cms 3.0
6.1
CVSSv3
CVE-2019-9925
S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter.
S-cms S-cms 1.0
7.2
CVSSv3
CVE-2020-20698
A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows malicious users to getshell via modification of a PHP file.
S-cms S-cms 3.0
4.8
CVSSv3
CVE-2020-20700
A stored cross site scripting (XSS) vulnerability in /app/form_add/of S-CMS PHP v3.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the Title Entry text box.
S-cms S-cms 3.0
4.8
CVSSv3
CVE-2020-20701
A stored cross site scripting (XSS) vulnerability in /app/config/of S-CMS PHP v3.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
S-cms S-cms 3.0
9.8
CVSSv3
CVE-2023-51048
S-CMS v5.0 exists to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
S-cms S-cms 5.0
9.8
CVSSv3
CVE-2023-51049
S-CMS v5.0 exists to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
S-cms S-cms 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »