CVE-2025-51659

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.
References
Link Resource
http://semcms.com Not Applicable
https://github.com/Y4y17/CVE/blob/main/SemCms/SQL_Injection_8.md Exploit Third Party Advisory
https://www.sem-cms.com/ Product
Configurations

Configuration 1 (hide)

cpe:2.3:a:sem-cms:semcms:*:*:*:*:*:*:*:*

History

15 Jul 2025, 16:39

Type Values Removed Values Added
References () http://semcms.com - () http://semcms.com - Not Applicable
References () https://github.com/Y4y17/CVE/blob/main/SemCms/SQL_Injection_8.md - () https://github.com/Y4y17/CVE/blob/main/SemCms/SQL_Injection_8.md - Exploit, Third Party Advisory
References () https://www.sem-cms.com/ - () https://www.sem-cms.com/ - Product
First Time Sem-cms
Sem-cms semcms
CPE cpe:2.3:a:sem-cms:semcms:*:*:*:*:*:*:*:*

15 Jul 2025, 13:14

Type Values Removed Values Added
Summary
  • (es) Se descubrió que SemCms v5.0 contenía una vulnerabilidad de inyección SQL a través del parámetro ID en SEMCMS_Products.php.

14 Jul 2025, 20:15

Type Values Removed Values Added
CWE CWE-89
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

14 Jul 2025, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-07-14 17:15

Updated : 2025-07-15 16:39


NVD link : CVE-2025-51659

Mitre link : CVE-2025-51659

CVE.ORG link : CVE-2025-51659


JSON object : View

Products Affected

sem-cms

  • semcms
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')