Vulnerabilities (CVE)

Filtered by vendor Conceptintermedia Subscribe
Filtered by product S\@m Cms
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-3816 1 Conceptintermedia 1 S\@m Cms 2024-11-21 N/A 9.8 CRITICAL
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar.  Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
CVE-2024-3801 1 Conceptintermedia 1 S\@m Cms 2024-11-21 N/A 6.1 MEDIUM
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in one of GET header parameters.  Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
CVE-2024-3800 1 Conceptintermedia 1 S\@m Cms 2024-11-21 N/A 6.1 MEDIUM
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names.  Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.