cbcvebase.
CVE-2023-48863
published 2023-12-04

CVE-2023-48863: SEMCMS 3.9 is vulnerable to SQL Injection. Due to the lack of security checks on the input of the application, the attacker uses the existing application to…

PriorityP347high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.86%
53.9th percentile
SEMCMS 3.9 is vulnerable to SQL Injection. Due to the lack of security checks on the input of the application, the attacker uses the existing application to inject malicious SQL commands into the background database engine for execution, and sends some attack codes as commands or query statements to the interpreter. These malicious data can deceive the interpreter, so as to execute unplanned commands or unauthorized access to data.

Affected

1 ranges
VendorProductVersion rangeFixed in
sem-cmssemcms
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.