2 matches found
mingSoft MCMS SQL Injection Vulnerability (CNVD-2022-09255)
MingSoft Mcms is China's Ming Fei MingSoft company a complete open source J2ee system . mingSoft MCMS suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...
MCMS SQL Injection Vulnerability
Mcms is a complete open source J2ee system from China MingFei MingSoft. mcms v5.2.4 version has a SQL injection vulnerability, which originates in /ms/mdiy/model/importJson.do for the lack of filtering and escaping of SQL data. No detailed vulnerability details are available at this time...