The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows attackers to obtain the password in plaintext through a SQL query.
Published December 17, 2021.
Sem-cms Semcms