5 matches found
MingSoft MCMS Cross-site Request Forgery Vulnerability
MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. MingSoft MCMS version 5.2.7 is vulnerable to cross-site request forgery. An attacker can use this vulnerability to add an administrator account via ms/basic/manager/save.do...
MingSoft MCMS SQL Injection Vulnerability (CNVD-2022-72199)
MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. SQL injection vulnerability exists in Mingsoft MCMS version 5.2.7, which can be exploited by attackers to conduct SQL injection attacks in the /mdiy/dict/list URI via the orderBy parameter...
MingSoft MCMS SQL Injection Vulnerability (CNVD-2022-85104)
MingSoft MCMS is a complete open source J2ee system from MingSoft, a Chinese company. mingsoft MCMS has a SQL injection vulnerability, which originates from the lack of filtering and escaping of SQL data in the categoryId parameter of /cms/content/list, and can be used by attackers to execute...
MingSoft Mcms SQL Injection Vulnerability (CNVD-2022-18534)
MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms v5.2.5 that allows an attacker to perform a SQL injection attack via the search.do parameter in the file /web/MCmsAction.java. No details of the vulnerability...
MCMS of Jiangxi Minsoft Technology Co., Ltd. has unspecified vulnerabilities
Mcms is a complete open source J2ee system from Jiangxi Mingsoft Technology Co. Mcms v5.1 version has a SQL injection vulnerability, which can be exploited by attackers to perform sql injection via /ms/cms/content/list.do...