522 matches found
CVE-2025-29287
An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file...
File Upload Vulnerability in MCMS of Jiangxi Minsoft Technology Co.
MCMS is a java-based development of a lightweight open source content management system . Jiangxi Mingsoft Technology Co., Ltd MCMS file upload vulnerability, an attacker can use the vulnerability to obtain control of the server...
CVE-2024-42991
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution...
CVE-2024-42991
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution...
CVE-2024-42991
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution...
CVE-2024-42991
CVE-2024-42991 affects MCMS v5.4.1, where a front-end file upload vulnerability can lead to remote command execution. The Red Hat / NVD / OSV / CVE records agree on the symptom; exploitation details are not provided in the connected documents. A practical mitigation mentioned in PT-2024-30245 is ...
PT-2024-30245 · Mcms · Mcms
Name of the Vulnerable Software and Affected Versions: MCMS version 5.4.1 Description: The issue is related to a front-end file upload vulnerability in MCMS, which can lead to remote command execution. This allows an attacker to execute commands remotely. Recommendations: For MCMS version 5.4.1,...
MingSoft MCMS 安全漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingFei MingSoft. A security vulnerability exists in MingSoft MCMS version v5.4.1, which stems from improper handling of the front-end file upload function, and could lead to remote command execution...
CVE-2024-42991
MCMS v5.4.1 has front-end file upload vulnerability which can lead to remote command execution...
GHSA-7QW4-9R68-2RMX mingSoft MCMS File Upload vulnerability
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
mingSoft MCMS File Upload vulnerability
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
CVE-2024-22567
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
Unrestricted file upload
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
CVE-2024-22567
Summary (CVE-2024-22567): A file-upload vulnerability in MCMS 5.3.5 allows an attacker to upload arbitrary files via a crafted POST to /ms/file/upload.do. The issue is documented across multiple sources (Red Hat, Veracode, GitHub advisory, OSV and others) and is rated with high impact (confidenti...
CVE-2024-22567
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
CVE-2024-22567
File Upload vulnerability in MCMS 5.3.5 allows attackers to upload arbitrary files via crafted POST request to /ms/file/upload.do...
Code injection in mingSoft MCMS
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
GHSA-H57W-VH34-F8CW Code injection in mingSoft MCMS
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...