s-cms
Web & CMS Pluginscommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting s-cms.
- CVE-2023-29962S-CMS v5.0 was discovered to contain an arbitrary file read vulnerability.6.5
- CVE-2023-7191S-CMS reg.php sql injection5.5
- CVE-2023-7190S-CMS sql injection5.5
- CVE-2023-7189S-CMS sql injection5.5
- CVE-2023-51052S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.9.8
- CVE-2023-51051S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.9.8
- CVE-2023-51050S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.9.8
- CVE-2023-51049S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.9.8
- CVE-2023-51048S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.9.8
- CVE-2023-29963S-CMS v5.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the component /admin/ajax.php.7.2
- CVE-2022-4377S-CMS Contact Information Page cross site scripting3.5
- CVE-2022-23336S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id parameter.9.8
- CVE-2020-20426S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php.6.1
- CVE-2020-20425S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function.6.1
- CVE-2020-19954An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.7.5