SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Banner.php.
References
Link | Resource |
---|---|
https://github.com/ss122-0ss/semcms/blob/main/README.md | Exploit Third Party Advisory |
https://github.com/ss122-0ss/semcms/blob/main/README.md | Exploit Third Party Advisory |
Configurations
History
04 Apr 2025, 16:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/ss122-0ss/semcms/blob/main/README.md - Exploit, Third Party Advisory | |
First Time |
Sem-cms
Sem-cms semcms |
|
CPE | cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:* |
Information
Published : 2024-04-03 04:15
Updated : 2025-04-04 16:31
NVD link : CVE-2024-31010
Mitre link : CVE-2024-31010
CVE.ORG link : CVE-2024-31010
JSON object : View
Products Affected
sem-cms
- semcms
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')