CVE Catalog
CVE-2026-39170
MediumCVSS 6.3Exploitation Probability (EPSS)
Low risk0.02%
4th percentile - higher than 4% of all known CVEs
Summary
SemCms version 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php.
Risk Assessment
An attacker could exploit this vulnerability to perform unauthorized actions on behalf of an authenticated user, potentially compromising data security.
Recommendation
It is recommended to implement CSRF tokens and validate POST requests to secure the application against such attacks.
Original NVD description (English source)
SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php.

