CVE ID | CVE-2024-3800 |
Publication date | 28 June 2024 |
Vendor | Concept Intermedia |
Product | S@M CMS |
Vulnerable versions | All through 3.3 |
Vulnerability type (CWE) | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) |
Report source | Own research |

CVE ID | CVE-2024-3801 |
Publication date | 28 June 2024 |
Vendor | Concept Intermedia |
Product | S@M CMS |
Vulnerable versions | All through 3.3 |
Vulnerability type (CWE) | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79) |
Report source | Own research |

CVE ID | CVE-2024-3816 |
Publication date | 28 June 2024 |
Vendor | Concept Intermedia |
Product | S@M CMS |
Vulnerable versions | All through 3.3 |
Vulnerability type (CWE) | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) |
Report source | Own research |

Description
During its own research, CERT Polska found three vulnerabilities in Concept Intermedia S@M CMS software and participated in coordinating their disclosure.
The vulnerabilities CVE-2024-3800 and CVE-2024-3801 allow Reflected Cross-Site Scripting (XSS) attacks against sites managed in S@M CMS (Concept Intermedia) by including scripts, respectively, in requested file names and in one of the GET header parameters.
The vulnerability CVE-2024-3816 allows Blind SQL Injection attacks through the search bar by an unauthenticated user.
All versions through 3.3 are vulnerable. Only some of the observed services are vulnerable, which might indicate that the issue is related to some of the modules rather than to the core of the S@M CMS software. Since the vendor has not provided any details about the results of their investigation, it is hard to determine in which cases the weaknesses exist.
More about the coordinated vulnerability disclosure process at CERT Polska can be found at https://cert.pl/en/cvd/.