CVE-2022-30048

Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter...

CVE-2022-30048

CVE-2022-30048 affects Mingsoft MCMS 5.2.7 and is a SQL injection vulnerability in the /mdiy/dict/list endpoint exploited through the orderBy parameter. Root cause: unvalidated input leading to SQL injection; impact includes potential data exposure or modification as indicated by CVSS metrics (CV...

CVE-2022-30047

CVE-2022-30047 affects Mingsoft MCMS v5.2.7, with a SQL injection vulnerability in the /mdiy/dict/listExcludeApp URI via the orderBy parameter. The vulnerability is documented with CVSS v3.1 metrics (9.8, CRITICAL) and CVSS v2 metrics (7.5, HIGH). Connected sources consistently describe SQL injec...

MingSoft MCMS SQL注入漏洞

MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. SQL injection vulnerability exists in Mingsoft MCMS version 5.2.7, which can be exploited by attackers to conduct SQL injection attacks in the /mdiy/dict/list URI via the orderBy parameter...

CVE-2022-25125

MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp...