want1997/SEMCMS_VUL

Releases0

the vuln of poc

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-36800 ↗	Jun 4, 2024Tuesday, 4 June 2024, 13:15	7.5 HIGH	—
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the ID parameter in Download.php.
CVE-2024-36801 ↗	Jun 4, 2024Tuesday, 4 June 2024, 13:15	5.9 MEDIUM	—
A SQL injection vulnerability in SEMCMS v.4.8, allows a remote attacker to obtain sensitive information via the lgid parameter in Download.php.