本ページは sem-cms semcms に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-1552 | A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMS_Info.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | [email protected] | 2.1 | 0.03% | 2026-01-29 | 2026-04-29 |
| CVE-2025-51660 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51659 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51658 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51657 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51656 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51655 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51654 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Infocategories.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51653 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_ct.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-51652 | SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Categories.php. | [email protected] | 5.4 | 0.18% | 2025-07-14 | 2025-07-15 |
| CVE-2025-25686 | semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php. | [email protected] | 9.8 | 0.23% | 2025-03-27 | 2025-04-11 |
| CVE-2024-13193 | A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file SEMCMS_Images.php of the component Image Library Management Page. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | [email protected] | 5.3 | 0.07% | 2025-01-08 | 2025-04-04 |
| CVE-2024-53502 | Seecms v4.8 was discovered to contain a SQL injection vulnerability in the SEMCMS_SeoAndTag.php page. | [email protected] | 3.8 | 0.15% | 2024-12-03 | 2025-04-04 |
| CVE-2024-52725 | SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component. | [email protected] | 4.9 | 0.17% | 2024-11-20 | 2025-04-04 |
| CVE-2024-46103 | SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php. | [email protected] | 9.8 | 0.09% | 2024-09-20 | 2025-04-04 |
| CVE-2024-36801 | A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php. | [email protected] | 5.9 | 0.62% | 2024-06-04 | 2025-04-03 |
| CVE-2024-36800 | A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php. | [email protected] | 7.5 | 0.10% | 2024-06-04 | 2025-04-03 |
| CVE-2024-4595 | A vulnerability has been found in SEMCMS up to 4.8 and classified as critical. Affected by this vulnerability is the function locate of the file function.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263317 was assigned to this vulnerability. | [email protected] | 6.3 | 0.09% | 2024-05-07 | 2025-04-04 |
| CVE-2024-32409 | An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script. | [email protected] | 7.1 | 2.11% | 2024-04-19 | 2025-04-04 |
| CVE-2024-30938 | SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component. | [email protected] | 9.8 | 0.36% | 2024-04-19 | 2025-04-04 |