4 matches found
CVE-2020-20913
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...
CVE-2020-20913
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...
CVE-2020-20913
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...
CVE-2020-20913
CVE-2020-20913 describes a SQL Injection in Ming-Soft MCMS v4.7.2 where the basic_title parameter can be manipulated to run arbitrary SQL, potentially enabling remote code execution. The underlying issue is insufficient input validation of the basic_title parameter, allowing attacker-controlled S...