2 matches found
Ming-Soft MCMS SQL Injection (CVE-2020-23262)
An SQL injection vulnerability exists in Ming-Soft MCMS. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2020-23262
CVE-2020-23262 : Ming-soft MCMS v5.0 is vulnerable to unauthenticated SQL injection via /mcms/view.do. The root cause is improper input handling that allows arbitrary SQL commands, with potential high/critical impact across confidentiality, integrity, and availability. The connected sources (GHSA...