SEMCMS Ant_Check.php sql injection

A vulnerability classified as critical has been found in SEMCMS. This affects an unknown part of the file Ant_Check.php. The manipulation of the argument DID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205839.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

SEMCMS SQL注入漏洞

SEMCMS是一套支持多种语言的外贸网站内容管理系统（CMS）。 SEMCMS存在SQL注入漏洞，该漏洞源于文件Ant_Check.php的未知部分受到影响，对参数DID的操作会导致sql注入，攻击可以远程发起，该漏洞利用已向公众披露并可能被使用。

N/A

N/A