12 matches found
EUVD-2026-16629
A weakness has been identified in mingSoft MCMS 迄 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible to...
CVE-2026-4954 mingSoft MCMS Web Content List Endpoint ContentAction.java list sql injection
A security vulnerability has been detected in mingSoft MCMS up to 5.5.0. Impacted is the function list of the file net/mingsoft/cms/action/web/ContentAction.java of the component Web Content List Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2026-4953 mingSoft MCMS Editor Endpoint BaseAction.java catchImage server-side request forgery
A weakness has been identified in mingSoft MCMS up to 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible...
CVE-2026-4953
CVE-2026-4953 affects mingSoft MCMS up to version 5.5.0, specifically the Editor Endpoint’s file net/mingsoft/cms/action/BaseAction.java and its catchImage function. Manipulating the argument catchimage can trigger server-side request forgery (SSRF) and is exploitable remotely. The exploit is pub...
MingSoft MCMS SQL注入漏洞
MCMS is China's Ming Fei MingSoft company a complete open source J2ee system . Ltd. MCMS v5.2.9 version of the SQL injection vulnerability , the vulnerability stems from /content/list.do in the categoryType parameter lack of external input SQL statement validation , an attacker can use the...
MingSoft MCMS 代码问题漏洞
MingSoft MCMS is a complete open-source J2ee system from China's MingSoft. A security vulnerability exists in MCMS version 5.0, which stems from a file upload vulnerability that allows an attacker to execute arbitrary code via a created thumbnail image...
MingSoft MCMS 安全漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingSoft. A security vulnerability exists in MingSoft MCMS version 5.2.9, which stems from the save function of its Article Handler component that allows an attacker to implement cross-site scripting...
CVE-2022-4375
A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...
MingSoft MCMS 代码问题漏洞
MCMS is a java-based development of a lightweight open source content management system . Jiangxi Mingsoft Technology Co., Ltd MCMS file upload vulnerability, an attacker can use the vulnerability to obtain control of the server...
CVE-2022-26585
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability via /cms/content/list...
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...