CVE-2024-13193

Name of the Vulnerable Software and Affected Versions SEMCMS versions prior to 4.8

Description A critical issue has been found in SEMCMS, affecting an unknown functionality of the SEMCMS Images.php file in the Image Library Management Page component. This issue leads to a SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Recommendations For versions prior to 4.8, as a temporary workaround, consider disabling the SEMCMS Images.php file or restricting access to the Image Library Management Page until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.