523 matches found
PT-2024-14082 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: mingSoft MCMS version 5.2.4 Description: An issue in mingSoft MCMS allows a remote attacker to obtain sensitive information via a crafted script to the password parameter. Recommendations: For mingSoft MCMS version 5.2.4, consider restricting...
MCMS SQL Injection Vulnerability in Jiangxi Minsoft Technology Co.
MCMS is China's Ming Fei MingSoft company a complete open source J2ee system . Ltd. MCMS v5.2.9 version of the SQL injection vulnerability , the vulnerability stems from /content/list.do in the categoryType parameter lack of external input SQL statement validation , an attacker can use the...
SQL Injection
net.mingsoft: ms-mcms is vulnerable to SQL Injection. The vulnerability exists via the category Type parameter within /content/list.do, which allows an attacker to manipulate the backend database by injecting malicious SQL commands...
Mingsoft MCMS SQL injection
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
GHSA-3VVH-8C65-32J4 Mingsoft MCMS SQL injection
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
Sql injection
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
PT-2023-31596 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: Mingsoft MCMS version 5.2.9 Description: A SQL injection issue was discovered in Mingsoft MCMS via the categoryType parameter at the "/content/list.do" API endpoint. This allows for potential exploitation. Recommendations: For Mingsoft MCMS...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 is affected by a SQL injection via the categoryType parameter at /content/list.do. The vulnerability stems from unsanitized input, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data leakage, modification, or deletion. CVSSv3.1 is hig...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
Cross-site Scripting in Mingsoft MCMS
A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...
GHSA-RXVJ-5MV6-J5MC Cross-site Scripting in Mingsoft MCMS
A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
Cross site scripting
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2023-3990
Mingsoft MCMS
CVE-2023-3990 Mingsoft MCMS HTTP POST Request search.do cross site scripting
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...