SEMCMS SQL Injection Vulnerability in Image Library Management Component

Vulnerability

A critical SQL injection vulnerability has been identified in SEMCMS versions through 4.8. The issue arises from an unknown functionality in the file SEMCMS_Images.php, specifically within the Image Library Management Page component. This vulnerability can be exploited remotely, allowing attackers to manipulate SQL queries and potentially access or modify database information.

Impact

Exploitation of this vulnerability allows for SQL injection, which could be used to manipulate database queries, potentially leading to unauthorized data access or modification.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

3.1

exploitability

6.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

3.1

exploitability

6.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SEMCMS SQL Injection Vulnerability in Image Library Management Component

Vulnerability

Impact

Affected Products

Upgradeextension SEMCMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating