11 matches found
CVE-2026-6562
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
MuuCmf 安全漏洞
MuuCmf is an open-source application development framework created by Dameng100. Version MuuCmf 1.9.5.20260309 contains a security vulnerability, which stems from the handling of the keyword parameter in the file/index/Search/index.html. This vulnerability may lead to SQL injection attacks...
EUVD-2026-16136
A vulnerability was determined in dameng100 muucmf 1.9.5.20260309. This affects an unknown function of the file /admin/extend/list.html. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and...
CVE-2026-4847
The CVE-2026-4847 entry concerns dameng100 muucmf 1.9.5.20260309. A cross-site scripting flaw exists in an unknown function of /admin/config/list.html caused by manipulating the Name argument. The attack is remote and the exploit has been made public. No remediation details are provided in the do...
CVE-2026-4846
A vulnerability has been found in dameng100 muucmf 1.9.5.20260309. The affected element is an unknown function of the file channel/admin.Account/autoReply.html. Such manipulation of the argument keyword leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...
CVE-2026-4846 dameng100 muucmf autoReply.html cross site scripting
A vulnerability has been found in dameng100 muucmf 1.9.5.20260309. The affected element is an unknown function of the file channel/admin.Account/autoReply.html. Such manipulation of the argument keyword leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...
CVE-2026-4846
The CVE-2026-4846 issue affects dameng100 muucmf 1.9.5.20260309 . The vulnerability resides in an unknown function within the file channel/admin.Account/autoReply.html , where manipulation of the argument keyword enables a cross-site scripting (XSS) condition. It is remotely exploitable , with th...
MuuCmf 代码注入漏洞
MuuCmf is an open-source application development framework created by Dameng100. Version MuuCmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters named “Name” in the file “admin/config/list.html”, which may lead to cross-site...
MuuCmf 代码注入漏洞
MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters named "keyword" in the file channel/admin.Account/autoReply.html, which may lead t...
MuuCmf 代码注入漏洞
MuuCmf is an open-source application development framework created by Dameng100. Version muucmf 1.9.5.20260309 contains a code injection vulnerability. This vulnerability stems from incorrect handling of parameters in the file admin/extend/list.html, which may lead to cross-site scripting attacks...
PT-2026-28211
A vulnerability has been found in dameng100 muucmf 1.9.5.20260309. The affected element is an unknown function of the file channel/admin.Account/autoReply.html. Such manipulation of the argument keyword leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...