High severity7.5NVD Advisory· Published Oct 14, 2021· Updated Jun 17, 2026
CVE-2020-19954
CVE-2020-19954
Description
An XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- S-CMS/S-CMSdescription
Patches
Vulnerability mechanics
References
1- github.com/zhuxianjin/vuln_repo/blob/master/S-CMS%20v3.0%20XXE%20Arbitrary%20File%20Read%20Vulnerability.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.