17 matches found
CVE-2022-23899
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...
EUVD-2022-1389
Malicious code in bioql PyPI...
GHSA-P94Q-9Q2M-PFH2 SQL injection in net.mingsoft:ms-mcms
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...
CVE-2022-23898
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...
CVE-2022-23899
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...
Sql injection
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...
Sql injection
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...
CVE-2022-23898
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...
CVE-2022-23899
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...
CVE-2022-23899
CVE-2022-23899 concerns MCMS v5.2.5, where a SQL injection vulnerability exists through the search.do endpoint in the file /web/MCmsAction.java. The issue is documented across multiple feeds (NVD, Red Hat, CNVD, OSV, GHSA, etc.) and consistently described as SQL injection in the MingSoft MCMS sys...
GHSA-GC79-GH4F-9G6W Server Side Template Injection in MCMS
MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...
CVE-2021-46063
MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...
Arbitrary file deletion
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName...
Sql injection
MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...
CVE-2021-46063
MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...
CVE-2021-46062
MCMS 5.2.5 is affected by an arbitrary file deletion vulnerability in the oldFileName handling. The issue arises from ms-basic
CVE-2021-46062
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName...