Lucene search
GitHub Advisory DatabaseGHSA-W3RC-2WHG-W934HistoryAug 17, 2022 - 12:00 a.m.
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
2022-08-1700:00:30
CWE-89
GitHub Advisory Database
github.com
11
mingsoft mcms
sql injection
/mdiy/model/delete
models lists
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
54.5%
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.
Affected configurations
Node
net.mingsoftms-mcmsRange≤5.2.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| net.mingsoft | ms-mcms | * | cpe:2.3:a:net.mingsoft:ms-mcms:*:*:*:*:*:*:*:* |
Related
prion
prion
Sql injection
2022-08-16 13:15:00
nvd
nvd
CVE-2022-36599
2022-08-16 13:15:11
osv
osv
cvelist
cvelist
CVE-2022-36599
2022-08-16 12:51:34
cve
cve
CVE-2022-36599
2022-08-16 13:15:11
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
54.5%
Related for GHSA-W3RC-2WHG-W934