SQL Injection Vulnerability in SemCms Product by SemCms
CVE-2024-52725

Currently unrated

Key Information:

Vendor: SemCms
Status: SemCms
Vendor: CVE Published:; 20 November 2024

What is CVE-2024-52725?

SemCms version 4.8 has been identified as having a SQL injection vulnerability in the SEMCMS_SeoAndTag.php component. This issue arises due to inadequate validation of the ldgid parameter, which can allow an attacker to manipulate SQL queries, thereby executing arbitrary code on the server. It is crucial for users to assess their systems and apply security updates to mitigate potential risks associated with this vulnerability.

References

http://semcms.com

https://github.com/Megrez0423/Seecms

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2024