Lucene search

Mkcms Security Vulnerabilities

cve

CVE-2020-22819

MKCMS V6.2 has SQL injection via the /ucenter/active.php verify...

9.8CVSS

8.6AI Score

0.002EPSS

2022-11-03 05:15 PM

cve

CVE-2020-22818

MKCMS V6.2 has SQL injection via /ucenter/reg.php name...

9.8CVSS

8.6AI Score

0.002EPSS

2022-11-03 05:15 PM

cve

CVE-2020-22820

MKCMS V6.2 has SQL injection via the /ucenter/repass.php name...

9.8CVSS

8.6AI Score

0.002EPSS

2022-11-03 05:15 PM

cve

CVE-2019-11332

MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by...

8.8CVSS

7.6AI Score

0.01EPSS

2019-04-18 11:29 PM

cve

CVE-2019-11078

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php...

8.8CVSS

7.3AI Score

0.001EPSS

2019-04-11 02:29 AM

cve

CVE-2019-10707

MKCMS V5.0 has SQL injection via the bplay.php play...

9.8CVSS

8.6AI Score

0.002EPSS

2019-04-02 07:29 PM