CVE-2021-38729

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:sem-cms:semcms:1.1:*:*:*:*:*:*:*

History

28 Oct 2022, 18:47

Type Values Removed Values Added
CWE CWE-89
References (MISC) https://www.sem-cms.cn/wenda/view-56.html - (MISC) https://www.sem-cms.cn/wenda/view-56.html - Vendor Advisory
References (MISC) https://github.com/BigTiger2020/SCSHOP/blob/main/semcms-5.md - (MISC) https://github.com/BigTiger2020/SCSHOP/blob/main/semcms-5.md - Exploit, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:sem-cms:semcms:1.1:*:*:*:*:*:*:*
First Time Sem-cms
Sem-cms semcms

28 Oct 2022, 16:46

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-28 16:15

Updated : 2023-12-10 14:35


NVD link : CVE-2021-38729

Mitre link : CVE-2021-38729

CVE.ORG link : CVE-2021-38729


JSON object : View

Products Affected

sem-cms

  • semcms
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')