CVE-2026-39169
Deferred - Pending Action
Unauthorized Access in SEMCMS 5.0 via SEMCMS_copy.php

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: MITRE

Description
SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php.
Meta Information
Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-10
AI Q&A: 2026-06-10
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor | Product | Version / Range
semcms | semcms | to 5.0 (exc)
CWE ID | Description
CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Compliance Impact

The vulnerability in SEMCMS 5.0 allows unauthenticated users to export a complete SQL database backup containing sensitive data such as administrator credentials, user information, and website configurations. This exposure of sensitive personal and administrative data can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls over access to and protection of personal and confidential information.

Specifically, unauthorized access to sensitive data increases the risk of data breaches, which can result in legal penalties, loss of trust, and other compliance issues under these regulations.

Executive Summary

SEMCMS 5.0 and earlier versions have a vulnerability in the administrative backup component (SEMCMS_copy.php) that allows unauthorized users to export the database without authentication.

This happens because of improper access control, enabling anyone to send a specially crafted request to the backup module and trigger a full SQL database backup.

The backup file is saved in a predictable location (/backups/semcms.sql) and can be downloaded, exposing sensitive data such as administrator credentials, user information, and website configurations.

Additionally, a syntax error in the backup script may disrupt the backup process until fixed.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information stored in the SEMCMS database.

  • Exposure of administrator credentials, which could allow attackers to gain full control over the system.
  • Leakage of user data and confidential website configurations.
  • Potential compromise of the entire website or system due to leaked sensitive information.

Detection Guidance

This vulnerability can be detected by checking if the SEMCMS_copy.php backup module is accessible without authentication and if it allows triggering a database export.

A simple way to test this is to send an HTTP request to the backup script with the specific parameter that triggers the export.

  • Use a command like: curl -I "http://<your_server>/<admin_path>/SEMCMS_copy.php?type=dc" (quote the URL so the shell does not interpret the ? character)
  • If the response indicates the backup file is generated or accessible, the vulnerability exists.
  • Additionally, check if the backup file exists at /backups/semcms.sql on the server.
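
The same indicators can be hunted retrospectively in web server access logs. The following is an added example, not code from SEMCMS or from this advisory; it assumes Combined Log Format, and the function names and sample log lines are constructed for illustration. Access logs do not show whether a request carried an administrator session, so each hit needs review against known admin activity.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumed Combined Log Format: client, request target and status are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def classify(line):
    """Return (ip, kind) for a successful backup-related request, else None."""
    m = LOG_RE.match(line)
    if not m or not m["status"].startswith("2"):
        return None  # unparsable, or refused/redirected (e.g. 302 to login, 404)
    url = urlsplit(m["target"])
    path = url.path.lower()
    # The admin directory name is site-specific, so match on the script name only.
    if path.endswith("/semcms_copy.php") and "dc" in parse_qs(url.query).get("type", []):
        return m["ip"], "export"
    if path.endswith("/backups/semcms.sql"):
        return m["ip"], "download"
    return None

def find_exposures(lines):
    """List (ip, finding) pairs in log order for export triggers and dump fetches."""
    exported, findings = set(), []
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue
        ip, kind = hit
        if kind == "export":
            exported.add(ip)
            findings.append((ip, "export-triggered"))
        elif ip in exported:
            findings.append((ip, "export-then-download"))  # strongest signal
        else:
            findings.append((ip, "dump-downloaded"))
    return findings

# Constructed sample lines (documentation IP ranges, hypothetical admin path).
SAMPLE = [
    '203.0.113.7 - - [09/Jun/2026:10:01:02 +0000] "GET /xyz_Admin/SEMCMS_copy.php?type=dc HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [09/Jun/2026:10:01:05 +0000] "GET /backups/semcms.sql HTTP/1.1" 200 1048576 "-" "-"',
    '198.51.100.9 - - [09/Jun/2026:10:02:00 +0000] "GET /xyz_Admin/SEMCMS_copy.php?type=dc HTTP/1.1" 302 0 "-" "-"',
    '198.51.100.4 - - [09/Jun/2026:10:03:00 +0000] "GET /backups/semcms.sql HTTP/1.1" 404 196 "-" "-"',
    '192.0.2.44 - - [09/Jun/2026:10:04:00 +0000] "GET /backups/semcms.sql HTTP/1.1" 200 1048576 "-" "-"',
]

if __name__ == "__main__":
    for ip, finding in find_exposures(SAMPLE):
        print(ip, finding)
```

Any "export-then-download" or "dump-downloaded" finding from an address that is not a known administrator should be treated as a disclosure of the database contents.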

Mitigation Strategies

Immediate mitigation steps include restricting access to SEMCMS_copy.php to authorized administrators only.

  • Enforce administrator authentication before allowing access to the backup module.
  • Disable direct access to backup files by moving them outside the web root directory.
  • Fix the syntax error in SEMCMS_copy.php (specifically the incorrect if statement) to ensure proper functioning of the backup process.