Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2022-0589

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01819EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:53 p.m.17 views

CVE-2022-23315

MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do...

9.8CVSS7.5AI score0.01819EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.9 views

CVE-2022-22928

MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key and execute arbitrary code...

9.8CVSS7.8AI score0.025EPSS
Exploits1References1
NVD
NVD
added 2022/03/03 7:15 p.m.12 views

CVE-2022-25125

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp...

9.8CVSS0.07173EPSS
Exploits1References1
Prion
Prion
added 2022/03/03 7:15 p.m.21 views

Sql injection

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp...

7.5CVSS9.8AI score0.07173EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/03/03 6:1 p.m.11 views

CVE-2022-25125

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp...

10AI score0.07173EPSS
Exploits1References1
CVE
CVE
added 2022/03/03 6:1 p.m.124 views

CVE-2022-25125

MCMS v5.2.4 contains a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp. An attacker can potentially obtain sensitive information, modify data, or execute unauthorized administrative operations in the context of the affected site. CVSS details indicate a high/chary ...

9.8CVSS9.8AI score0.07173EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/02/19 12:1 a.m.22 views

GHSA-G8J8-MGH9-Q77P File upload leading to RCE in MCMS

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...

9.8CVSS9.8AI score0.03507EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/02/19 12:1 a.m.30 views

Path traversal in MCMS

MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do...

8.1CVSS4.2AI score0.01017EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/02/18 7:15 p.m.28 views

CVE-2021-46037

MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do...

8.1CVSS0.01017EPSS
Exploits1References1
NVD
NVD
added 2022/02/18 7:15 p.m.14 views

CVE-2021-46036

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...

9.8CVSS0.03507EPSS
Exploits1References1
Prion
Prion
added 2022/02/18 7:15 p.m.12 views

Arbitrary file deletion

MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do...

5.5CVSS8.2AI score0.01017EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/02/18 7:15 p.m.19 views

Privilege escalation

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...

7.5CVSS9.7AI score0.03507EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/02/18 6:32 p.m.22 views

CVE-2021-46036

An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...

9.9AI score0.03507EPSS
Exploits1References1
CVE
CVE
added 2022/02/18 6:32 p.m.111 views

CVE-2021-46036

The vulnerability CVE-2021-46036 affects MCMS v5.2.4, via an arbitrary file upload in the component /ms/file/uploadTemplate.do. The Red Hat, GitHub advisories, OSV, and CVE records in connected sources corroborate an RCE risk from this upload path. The root cause is not explicitly detailed across...

9.8CVSS9.7AI score0.03507EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/22 12:0 a.m.22 views

Arbitrary File Upload in Mingsoft MCMS

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

9.8CVSS7.9AI score0.02576EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/01/21 12:15 a.m.41 views

CVE-2022-23315

MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do...

9.8CVSS0.01819EPSS
Exploits1References1
NVD
NVD
added 2022/01/21 12:15 a.m.19 views

CVE-2022-22930

A remote code execution RCE vulnerability in the Template Management function of MCMS v5.2.4 allows attackers to execute arbitrary code via a crafted payload...

9.8CVSS0.23694EPSS
Exploits1References1
NVD
NVD
added 2022/01/21 12:15 a.m.13 views

CVE-2022-23314

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do...

9.8CVSS0.01595EPSS
Exploits1References1
NVD
NVD
added 2022/01/21 12:15 a.m.23 views

CVE-2022-22928

MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key and execute arbitrary code...

9.8CVSS0.025EPSS
Exploits1References1
Rows per page
Query Builder