Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:55 a.m.5 views

CVE-2022-23314

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do...

9.8CVSS8.3AI score0.00402EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:53 a.m.5 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

9.8CVSS8.2AI score0.75534EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:46 a.m.3 views

CVE-2022-31943

MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability...

9.8CVSS7.4AI score0.00568EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/07 9:49 a.m.5 views

CVE-2022-27340

MCMS v5.2.7 contains a Cross-Site Request Forgery CSRF via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data...

8.8CVSS7.2AI score0.003EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/23 9:31 p.m.1 views

EUVD-2025-35713

MCMS reflected cross-site scripting XSS vulnerability...

6.1CVSS5.3AI score0.00024EPSS
Exploits0References5
OSV
OSVadded 2025/10/23 7:15 p.m.0 views

CVE-2025-60837

A reflected cross-site scripting XSS vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload...

6.1CVSS5.9AI score
Exploits0References3
OSV
OSVadded 2025/10/17 7:15 p.m.1 views

CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

9.8CVSS8.6AI score
Exploits0References2
OSV
OSVadded 2025/10/10 6:15 p.m.1 views

CVE-2025-60838

An arbitrary file upload vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary code via uploading a crafted file...

6.5CVSS6.2AI score0.00055EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-5967

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.02652EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-31968

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00402EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-0354

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00335EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-6052

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00382EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-6226

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00568EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-0878

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00234EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-28397

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00402EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 1:15 a.m.5 views

CVE-2022-29647

An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

8.8CVSS6.9AI score0.00382EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 12:4 a.m.7 views

CVE-2022-25125

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp...

9.8CVSS8.2AI score0.75534EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 11:51 p.m.1 views

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

9.8CVSS8.1AI score0.02652EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:36 p.m.3 views

CVE-2022-27466

MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do...

9.8CVSS8.3AI score0.00402EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 6:55 p.m.4 views

CVE-2021-46037

MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do...

8.1CVSS7.5AI score0.00234EPSS
Exploits1
Rows per page
Query Builder