CVE-2024-52725

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
20/11/2024
Last modified:
04/04/2025

Description

SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools