Lucene search
K

5 matches found

CNVD
CNVD
added 2022/06/09 12:0 a.m.15 views

MingSoft MCMS Cross-site Request Forgery Vulnerability

MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. MingSoft MCMS version 5.2.7 is vulnerable to cross-site request forgery. An attacker can use this vulnerability to add an administrator account via ms/basic/manager/save.do...

6.8CVSS5AI score0.00642EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/05/13 12:0 a.m.17 views

MingSoft MCMS SQL Injection Vulnerability (CNVD-2022-72199)

MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. SQL injection vulnerability exists in Mingsoft MCMS version 5.2.7, which can be exploited by attackers to conduct SQL injection attacks in the /mdiy/dict/list URI via the orderBy parameter...

7.5CVSS5.1AI score0.01455EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/04/07 12:0 a.m.15 views

MingSoft MCMS SQL Injection Vulnerability (CNVD-2022-85104)

MingSoft MCMS is a complete open source J2ee system from MingSoft, a Chinese company. mingsoft MCMS has a SQL injection vulnerability, which originates from the lack of filtering and escaping of SQL data in the categoryId parameter of /cms/content/list, and can be used by attackers to execute...

9.8CVSS4.6AI score0.05617EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/04 12:0 a.m.16 views

MingSoft Mcms SQL Injection Vulnerability (CNVD-2022-18534)

MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms v5.2.5 that allows an attacker to perform a SQL injection attack via the search.do parameter in the file /web/MCmsAction.java. No details of the vulnerability...

9.8CVSS9.8AI score0.01064EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/18 12:0 a.m.45 views

MCMS of Jiangxi Minsoft Technology Co., Ltd. has unspecified vulnerabilities

Mcms is a complete open source J2ee system from Jiangxi Mingsoft Technology Co. Mcms v5.1 version has a SQL injection vulnerability, which can be exploited by attackers to perform sql injection via /ms/cms/content/list.do...

9.8CVSS4.3AI score0.01385EPSS
Exploits1References1
Rows per page
Query Builder