Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s-cms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-19158
Cross Site Scripting (XSS) in S-CMS build 20191014 and previous versions allows remote malicious users to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin/#/app/config/'.
S-cms S-cms 2019-10-14
NA
CVE-2009-1502
Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the page parameter.
Matteoiammarrone S-cms 1.5.2
Matteoiammarrone S-cms 1.1
1 EDB exploit
NA
CVE-2010-4771
SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 2.5
1 EDB exploit
NA
CVE-2010-4772
Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote malicious users to inject arbitrary web script or HTML via the id parameter to viewforum.php.
Matteoiammarrone S-cms 2.5
1 EDB exploit
NA
CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 1.1
1 EDB exploit
NA
CVE-2009-0864
S-Cms 1.1 Stable allows remote malicious users to bypass authentication and obtain administrative access via an OK value for the login cookie.
Matteoiammarrone S-cms 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2021-37270
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority.
S-cms Cms Enterprise Website Construction System 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5