黑蚂蚁.阿梁

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to Cross Site Scripting (XSS) via the Ant M Coup.php file. This means an attacker could potentially inject malicious scripts into the website, affecting user sessions. **Recommendations** For SEMCMS SHOP version 1.1, as a temporary workaround, consider restricting access to the Ant M Coup.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to SQL Injection via the Ant Plist.php file. **Recommendations** For SEMCMS SHOP version 1.1, consider restricting access to the Ant Plist.php file as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to SQL Injection, which can be exploited via the Ant Info.php file. **Recommendations** For SEMCMS SHOP version 1.1, consider restricting access to the Ant Info.php file as a temporary workaround until a patch is available. Avoid using user-supplied input in SQL queries to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to SQL Injection via the Ant Zekou.php file. **Recommendations** For SEMCMS SHOP version 1.1, update to a version that fixes the SQL Injection issue in Ant Zekou.php, if available. As a temporary workaround, consider restricting access to the Ant Zekou.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to SQL Injection via the Ant BlogCat.php file. This allows for potential exploitation of the database. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For SEMCMS SHOP version 1.1, consider restricting access to the Ant BlogCat.php file as a temporary workaround until a patch is available. Avoid using user-input data directly in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SEMCMS SHOP version 1.1 **Description** The issue is related to SQL Injection via the `Ant Menu.php` file. This allows for potential exploitation. **Recommendations** For SEMCMS SHOP version 1.1, consider restricting access to the `Ant Menu.php` file as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SEMCMS Shop version 1.1 **Description** The issue is related to SQL Injection via the Ant Global.php file. This allows for potential exploitation. **Recommendations** For SEMCMS Shop version 1.1, consider restricting access to the Ant Global.php file until a patch is available. As a temporary workaround, avoid using user-input data in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SEMCMS version 1.1 **Description** The issue is related to SQL Injection via the Ant Pro.php file. **Recommendations** For SEMCMS version 1.1, consider restricting access to the Ant Pro.php file as a temporary workaround until a patch is available.