Lucene search
+L

234 matches found

cvelist
cvelist
added 2023/12/30 12:0 a.m.31 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

10AI score0.02222EPSS
Exploits1References1
cve
cve
added 2023/12/30 12:0 a.m.50 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 is affected by a SQL injection via the categoryType parameter at /content/list.do. The vulnerability stems from unsanitized input, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data leakage, modification, or deletion. CVSSv3.1 is hig...

9.8CVSS9.8AI score0.02222EPSS
Exploits1References1Affected Software1
osv
osv
added 2023/12/30 12:0 a.m.18 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...

9.8CVSS9.8AI score0.02222EPSS
Exploits1References3
osv
osv
added 2023/07/28 9:30 a.m.11 views

GHSA-RXVJ-5MV6-J5MC Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

3.5CVSS5.9AI score0.01365EPSS
Exploits1References5
github
github
added 2023/07/28 9:30 a.m.23 views

Cross-site Scripting in Mingsoft MCMS

A Cross-site Scripting vulnerability has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. Th...

6.1CVSS6.3AI score0.01365EPSS
Exploits1References5Affected Software1
osv
osv
added 2023/07/28 7:15 a.m.5 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS3.8AI score0.01365EPSS
Exploits1References3
nvd
nvd
added 2023/07/28 7:15 a.m.14 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS4.5AI score0.01365EPSS
Exploits1References3
prion
prion
added 2023/07/28 7:15 a.m.14 views

Cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

4CVSS6AI score0.01365EPSS
Exploits1References3Affected Software1
euvd
euvd
added 2023/07/28 7:0 a.m.4 views

EUVD-2023-2144

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

6.1CVSS3.9AI score0.01365EPSS
Exploits1References5
cvelist
cvelist
added 2023/07/28 7:0 a.m.22 views

CVE-2023-3990 Mingsoft MCMS HTTP POST Request search.do cross site scripting

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotel...

4CVSS6.2AI score0.01365EPSS
Exploits1References3
cve
cve
added 2023/07/28 7:0 a.m.75 views

CVE-2023-3990

Mingsoft MCMS

6.1CVSS4.7AI score0.01365EPSS
Exploits1References3Affected Software1
ptsecurity
ptsecurity
added 2023/07/28 12:0 a.m.4 views

PT-2023-27142 · Mingsoft · Mingsoft Mcms

Name of the Vulnerable Software and Affected Versions: Mingsoft MCMS versions up to 5.3.1 Description: A problematic vulnerability has been found in Mingsoft MCMS, affecting an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style...

6.1CVSS6.8AI score0.01365EPSS
Exploits1References7
cnnvd
cnnvd
added 2023/07/28 12:0 a.m.3 views

MingSoft MCMS 跨站脚本漏洞

MingSoft MCMS is a complete open source J2ee system from China's MingFei MingSoft. A cross-site scripting vulnerability exists in Mingsoft MCMS 5.3.1 and earlier versions, which stems from the parameter style in the file search.do that can lead to cross-site scripting...

6.1CVSS4.2AI score0.01365EPSS
Exploits1References4
cnnvd
cnnvd
added 2023/05/08 12:0 a.m.6 views

MingSoft MCMS 代码问题漏洞

MingSoft MCMS is a complete open-source J2ee system from China's MingSoft. A security vulnerability exists in MCMS version 5.0, which stems from a file upload vulnerability that allows an attacker to execute arbitrary code via a created thumbnail image...

8.8CVSS8.4AI score0.00924EPSS
Exploits1References3
veracode
veracode
added 2023/04/27 8:45 a.m.25 views

SQL Injection

net.mingsoft, ms-mcms is vulnerable to SQL Injection. The vulnerability exists because the library does not properly validate the query strings in the basictitle parameter , allowing an attacker to inject and execute malicious SQL queries...

9.8CVSS9.4AI score0.01423EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2023/04/04 12:0 a.m.6 views

MCMS SQL注入漏洞

MingSoft MCMS is a complete open source J2ee system from MingSoft, China. A security vulnerability exists in MCMS v.4.7.2. An attacker can exploit this vulnerability to execute arbitrary code via the basictitle parameter...

9.8CVSS8.9AI score0.01423EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/04/04 12:0 a.m.7 views

PT-2023-11565 · Mingsoft · Mingsoft Mcms

Name of the Vulnerable Software and Affected Versions: Ming-Soft MCMS versions prior to 5.1 Description: A SQL Injection issue allows a remote attacker to execute arbitrary code via the basic title parameter. This issue is resolved in version 5.1. Recommendations: For versions prior to 5.1, updat...

9.8CVSS9.8AI score0.01423EPSS
Exploits1References4
cnnvd
cnnvd
added 2023/01/26 12:0 a.m.5 views

MingSoft MCMS 代码问题漏洞

MingSoft MCMS is a complete open-source J2ee system from China's MingSoft. A security vulnerability exists in MCMS v5.2.10, which stems from the ms/template/writeFileContent.do component that allows an attacker to achieve arbitrary file uploads...

8.8CVSS8.1AI score0.01025EPSS
Exploits1References2
osv
osv
added 2022/12/22 12:30 a.m.18 views

GHSA-6RVV-H8G7-728W Mingsoft MCMS Cross-site Scripting vulnerability

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the...

5.4CVSS4.3AI score0.00408EPSS
Exploits1References3
github
github
added 2022/12/22 12:30 a.m.28 views

Mingsoft MCMS Cross-site Scripting vulnerability

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the...

5.4CVSS5.4AI score0.00408EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder