6 matches found
CVE-2022-4350
CVE-2022-4350 affects Mingsoft MCMS 5.2.8. The vulnerability is in an unknown function within the file search.do; manipulating the content_title argument leads to cross-site scripting (XSS). Remote exploitation is possible, and the exploit has been disclosed publicly (VDB-215112). Multiple source...
CVE-2022-36272
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter...
CVE-2022-36599
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...
Sql injection
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...
CVE-2022-36599
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...
CVE-2022-36272
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter...