CVE-2024-13193

Medium CVSS: 5.3

A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file SEMCMS_Images.php of the component Image Library Management Page. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Sem-cms

Product

Semcms

CWE

CWE-74

Yayın Tarihi

2025-01-08 23:15:09

Güncelleme

2025-04-04 16:59:31

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Semcms MEDIUM Sem-cms 2025

Referanslar

https://github.com/Upgradeextension/SEMCMS/blob/main/README.md https://vuldb.com/?ctiid.290785 https://vuldb.com/?id.290785 https://vuldb.com/?submit.469563 https://github.com/Upgradeextension/SEMCMS/blob/main/README.md

Benzer Kayıtlar

Medium

CVE-2026-1552

A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMS_In…

Medium

CVE-2025-51655

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.

Medium

CVE-2025-51656

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.

Medium

CVE-2025-51657

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.

Medium

CVE-2025-51658

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.

Medium

CVE-2025-51659

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.