CVE-2026-39169
Description
SEMCMS 5.0 and earlier allows unauthenticated database backup export via SEMCMS_copy.php, leading to sensitive data disclosure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A vulnerability exists in SEMCMS version 5.0 and earlier within the administrative backup component, specifically in the file SEMCMS_copy.php [1]. This file lacks proper authentication and authorization checks, allowing unauthenticated users to access the database export functionality [1].
Exploitation
An attacker can exploit this vulnerability by sending a crafted GET request to the backup module, such as GET /<admin_path>/SEMCMS_copy.php?type=dc, without needing valid administrator credentials [1].
Impact
Successful exploitation allows an attacker to generate a complete SQL database backup. This backup file is stored in a predictable location and can be downloaded, resulting in the disclosure of sensitive database contents [1].
Mitigation
No patched version or specific mitigation details are disclosed in the available references. The vulnerability affects SEMCMS versions 5.0 and earlier [1].
AI Insight generated on Jun 9, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
Vulnerability mechanics
Root cause
"The SEMCMS_copy.php script lacks proper authentication and authorization checks."
Attack vector
An unauthenticated attacker can exploit this vulnerability by sending a crafted GET request to the SEMCMS_copy.php script with the type parameter set to 'dc'. This request bypasses necessary authentication and authorization checks, allowing the attacker to trigger the database export functionality. The generated SQL database backup file is then stored in a predictable location, enabling the attacker to download it and access sensitive database contents [1].
Affected code
The vulnerability resides in the SEMCMS_copy.php file, located within the admin path of the SEMCMS application. This script handles the database backup functionality [1].
What the fix does
The advisory does not provide information about a patch or specific remediation steps. It indicates that SEMCMS version 5.0 and earlier are affected. Therefore, no fix explanation can be provided.
Preconditions
- auth: The attacker does not require any authentication or valid administrator credentials.
- config: The SEMCMS application must be installed and running.
Reproduction
GET /<admin_path>/SEMCMS_copy.php?type=dc
Generated on Jun 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
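One way to look for the request described under Attack vector in web server access logs, as an added example that is not part of the advisory or of SEMCMS. It assumes combined log format, a hypothetical `admin_ips` allowlist of known administrator addresses, and that the backup file has a `.sql` extension; the sample log lines and paths are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Combined log format: client, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample lines (documentation IP ranges, made-up admin and backup paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [09/Jun/2026:10:01:12 +0000] "GET /adm1n/SEMCMS_copy.php?type=dc HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [09/Jun/2026:10:01:15 +0000] "GET /adm1n/backup/example.sql HTTP/1.1" 200 48211 "-" "-"',
    '198.51.100.4 - - [09/Jun/2026:10:02:00 +0000] "GET /adm1n/SEMCMS_copy.php?type=dc HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.10 - - [09/Jun/2026:10:03:00 +0000] "GET /adm1n/SEMCMS_copy.php?type=dc HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.9 - - [09/Jun/2026:10:04:00 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "-"',
]

def find_backup_exports(lines, admin_ips=frozenset()):
    """Return (ip, timestamp, label) for export requests and follow-up .sql fetches."""
    findings, exporters = [], set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in the expected log format
        ip, status = m["ip"], int(m["status"])
        if ip in admin_ips:
            continue  # known administrator address (assumed allowlist)
        url = urlsplit(m["target"])
        path = unquote(url.path).lower()
        types = [v.lower() for v in parse_qs(url.query).get("type", [])]
        ok = 200 <= status < 300
        # The admin directory name differs per install, so match the script name only.
        if path.endswith("/semcms_copy.php") and "dc" in types:
            findings.append((ip, m["ts"], "export-succeeded" if ok else "export-attempt"))
            if ok:
                exporters.add(ip)
        # Assumption: the generated backup is served as a .sql file.
        elif ip in exporters and path.endswith(".sql") and ok:
            findings.append((ip, m["ts"], "backup-downloaded"))
    return findings

if __name__ == "__main__":
    for finding in find_backup_exports(SAMPLE_LOG, admin_ips={"192.0.2.10"}):
        print(finding)
```

An `export-succeeded` followed by `backup-downloaded` from the same client indicates the database contents should be treated as disclosed.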
References: 1
News mentions: 0
No linked articles in our index yet.