Lucene search
+L

523 matches found

Positive Technologies
Positive Technologies
added 2024/01/15 12:0 a.m.7 views

PT-2024-14082 · Mingsoft · Mingsoft Mcms

Name of the Vulnerable Software and Affected Versions: mingSoft MCMS version 5.2.4 Description: An issue in mingSoft MCMS allows a remote attacker to obtain sensitive information via a crafted script to the password parameter. Recommendations: For mingSoft MCMS version 5.2.4, consider restricting...

7.5CVSS7.2AI score0.01119EPSS
Exploits1References7
CNVD
CNVD
added 2024/01/05 12:0 a.m.28 views

MCMS SQL Injection Vulnerability in Jiangxi Minsoft Technology Co.

MCMS is China's Ming Fei MingSoft company a complete open source J2ee system . Ltd. MCMS v5.2.9 version of the SQL injection vulnerability , the vulnerability stems from /content/list.do in the categoryType parameter lack of external input SQL statement validation , an attacker can use the...

9.8CVSS7.3AI score0.02222EPSS
Exploits1References1
Veracode
Veracode
added 2024/01/04 1:51 p.m.18 views

SQL Injection

net.mingsoft: ms-mcms is vulnerable to SQL Injection. The vulnerability exists via the category Type parameter within /content/list.do, which allows an attacker to manipulate the backend database by injecting malicious SQL commands...

9.8CVSS7.3AI score0.02222EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2023/12/30 6:30 p.m.26 views

Mingsoft MCMS SQL injection

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

9.8CVSS8.3AI score0.02222EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/12/30 6:30 p.m.34 views

GHSA-3VVH-8C65-32J4 Mingsoft MCMS SQL injection

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

8.8CVSS9.8AI score0.02222EPSS
Exploits1References3
NVD
NVD
added 2023/12/30 4:15 p.m.17 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

9.8CVSS0.02222EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/12/30 4:15 p.m.12 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

9.8CVSS7.4AI score0.02222EPSS
Exploits1References3
Prion
Prion
added 2023/12/30 4:15 p.m.17 views

Sql injection

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

7.5CVSS8.5AI score0.02222EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/30 12:0 a.m.5 views

PT-2023-31596 · Mingsoft · Mingsoft Mcms

Name of the Vulnerable Software and Affected Versions: Mingsoft MCMS version 5.2.9 Description: A SQL injection issue was discovered in Mingsoft MCMS via the categoryType parameter at the "/content/list.do" API endpoint. This allows for potential exploitation. Recommendations: For Mingsoft MCMS...

9.8CVSS7.5AI score0.02222EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2023/12/30 12:0 a.m.10 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

8.2AI score0.02222EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/12/30 12:0 a.m.31 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

10AI score0.02222EPSS
Exploits1References1
CVE
CVE
added 2023/12/30 12:0 a.m.51 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 is affected by a SQL injection via the categoryType parameter at /content/list.do. The vulnerability stems from unsanitized input, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data leakage, modification, or deletion. CVSSv3.1 is hig...

9.8CVSS9.8AI score0.02222EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/12/30 12:0 a.m.18 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

9.8CVSS9.8AI score0.02222EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2023/07/28 9:30 a.m.25 views

Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

6.1CVSS6.3AI score0.01365EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2023/07/28 9:30 a.m.12 views

GHSA-RXVJ-5MV6-J5MC Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

3.5CVSS5.9AI score0.01365EPSS
Exploits1References5
OSV
OSV
added 2023/07/28 7:15 a.m.6 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS3.8AI score0.01365EPSS
Exploits1References3
NVD
NVD
added 2023/07/28 7:15 a.m.16 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS4.5AI score0.01365EPSS
Exploits1References3
Prion
Prion
added 2023/07/28 7:15 a.m.15 views

Cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

4CVSS6AI score0.01365EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/07/28 7:0 a.m.76 views

CVE-2023-3990

Mingsoft MCMS

6.1CVSS4.7AI score0.01365EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/07/28 7:0 a.m.23 views

CVE-2023-3990 Mingsoft MCMS HTTP POST Request search.do cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

4CVSS6.2AI score0.01365EPSS
Exploits1References3
Rows per page
Query Builder