CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

RedhatCVE•added 2025/05/22 9:50 p.m.•5 views

CVE-2022-30506

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file...

9.8CVSS7.7AI score0.02652EPSS

Exploits1References1

NVD•added 2022/06/02 2:15 p.m.•8 views

CVE-2022-30506

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file...

9.8CVSS0.02652EPSS

Exploits1References1

OSV•added 2022/06/02 2:15 p.m.•0 views

CVE-2022-30506

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file...

9.8CVSS6.1AI score0.02652EPSS

Exploits1References1

NVD•added 2022/06/02 2:15 p.m.•8 views

CVE-2022-29647

An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

8.8CVSS0.00382EPSS

Exploits1References1

OSV•added 2022/06/02 2:15 p.m.•0 views

CVE-2022-29647

An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

8.8CVSS7.3AI score0.00382EPSS

Exploits1References1

Prion•added 2022/06/02 2:15 p.m.•9 views

Design/Logic Flaw

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file...

7.5CVSS9.6AI score0.02652EPSS

Exploits1References1Affected Software1

CVE•added 2022/05/31 9:22 p.m.•77 views

CVE-2022-29647

MCMS 5.2.7 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that enables an attacker to add an administrator account via the path ms/basic/manager/save.do. Public sources in the connected set consistently describe this flaw in MingSoft MCMS and detail the injection vector through ...

8.8CVSS8.6AI score0.00382EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/05/31 9:22 p.m.•11 views

CVE-2022-29647

An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

8.9AI score0.00382EPSS

Exploits1References1

Cvelist•added 2022/05/27 1:27 p.m.•10 views

CVE-2022-30506

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file...

9.8AI score0.02652EPSS

Exploits1References1

CVE•added 2022/05/27 1:27 p.m.•105 views

CVE-2022-30506

CVE-2022-30506 affects MCMS 5.2.7. The vulnerability is an arbitrary file upload via a crafted ZIP file that allows an attacker to execute arbitrary code on the server. Connected sources corroborate a low-barrier remote vector and potential code execution; however, explicit patch details or versi...

9.8CVSS9.6AI score0.02652EPSS

Exploits1References1Affected Software1

OSV•added 2022/05/11 6:15 p.m.•0 views

CVE-2022-30047

Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter...

9.8CVSS5.8AI score

Exploits0References1

Prion•added 2022/05/11 6:15 p.m.•15 views

Sql injection

Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter...

7.5CVSS9.7AI score0.00374EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/05/11 5:38 p.m.•13 views

CVE-2022-30048

Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter...

10AI score0.00374EPSS

Exploits1References1

OSV•added 2022/04/22 8:15 p.m.•1 views

CVE-2022-27340

MCMS v5.2.7 contains a Cross-Site Request Forgery CSRF via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data...

8.8CVSS7.3AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by