SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting (XSS) via Ant_M_Coup.php.

SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.

SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.

SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.

Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.

A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205839.

MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.