MingSoft MCMS SQL Injection Vulnerability (CNVD-2022-72199)
MingSoft MCMS is a J2ee system from MingSoft, a Chinese company. SQL injection vulnerability exists in Mingsoft MCMS version 5.2.7, which can be exploited by attackers to conduct SQL injection attacks in the /mdiy/dict/list URI via the orderBy parameter...