234 matches found
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 is affected by a SQL injection via the categoryType parameter at /content/list.do. The vulnerability stems from unsanitized input, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data leakage, modification, or deletion. CVSSv3.1 is hig...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
GHSA-RXVJ-5MV6-J5MC Cross-site Scripting in Mingsoft MCMS
A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...
Cross-site Scripting in Mingsoft MCMS
A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
Cross site scripting
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
EUVD-2023-2144
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2023-3990 Mingsoft MCMS HTTP POST Request search.do cross site scripting
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...
CVE-2023-3990
Mingsoft MCMS
PT-2023-27142 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: Mingsoft MCMS versions up to 5.3.1 Description: A problematic vulnerability has been found in Mingsoft MCMS, affecting an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style...
MingSoft MCMS 跨站脚本漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingFei MingSoft. A cross-site scripting vulnerability exists in Mingsoft MCMS 5.3.1 and earlier versions, which stems from the parameter style in the file search.do that can lead to cross-site scripting...
MingSoft MCMS 代码问题漏洞
MingSoft MCMS is a complete open-source J2ee system from China's MingSoft. A security vulnerability exists in MCMS version 5.0, which stems from a file upload vulnerability that allows an attacker to execute arbitrary code via a created thumbnail image...
SQL Injection
net.mingsoft, ms-mcms is vulnerable to SQL Injection. The vulnerability exists because the library does not properly validate the query strings in the basictitle parameter , allowing an attacker to inject and execute malicious SQL queries...
MCMS SQL注入漏洞
MingSoft MCMS is a complete open source J2ee system from MingSoft, China. A security vulnerability exists in MCMS v.4.7.2. An attacker can exploit this vulnerability to execute arbitrary code via the basictitle parameter...
PT-2023-11565 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: Ming-Soft MCMS versions prior to 5.1 Description: A SQL Injection issue allows a remote attacker to execute arbitrary code via the basic title parameter. This issue is resolved in version 5.1. Recommendations: For versions prior to 5.1, updat...
MingSoft MCMS 代码问题漏洞
MingSoft MCMS is a complete open-source J2ee system from China's MingSoft. A security vulnerability exists in MCMS v5.2.10, which stems from the ms/template/writeFileContent.do component that allows an attacker to achieve arbitrary file uploads...
GHSA-6RVV-H8G7-728W Mingsoft MCMS Cross-site Scripting vulnerability
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the...
Mingsoft MCMS Cross-site Scripting vulnerability
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the...