180 matches found
CVE-2022-36599
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists...
CVE-2022-36272
Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter...
CVE-2022-30047
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter...
CVE-2022-26585
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability via /cms/content/list...
CVE-2022-30048
Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter...
MingSoft MCMS 安全漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingFei MingSoft. A security vulnerability exists in MingSoft MCMS version v5.4.3, which stems from the ueditor component allowing the upload of specially crafted files, which could lead to the execution of arbitrary code...
MingSoft MCMS 安全漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingFei MingSoft. A security vulnerability exists in MingSoft MCMS version v5.4.1, which stems from improper handling of the front-end file upload function, and could lead to remote command execution...
Code injection in mingSoft MCMS
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
MingSoft MCMS Security Vulnerability
MingSoft MCMS is a complete open source J2ee system from China-based MingSoft. A security vulnerability exists in MingSoft MCMS version v.5.2.4, which originated from a vulnerability that allows remote attackers to obtain sensitive information via a carefully crafted script...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
PT-2024-14082 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: mingSoft MCMS version 5.2.4 Description: An issue in mingSoft MCMS allows a remote attacker to obtain sensitive information via a crafted script to the password parameter. Recommendations: For mingSoft MCMS version 5.2.4, consider restricting...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
Sql injection
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
PT-2023-31596 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: Mingsoft MCMS version 5.2.9 Description: A SQL injection issue was discovered in Mingsoft MCMS via the categoryType parameter at the "/content/list.do" API endpoint. This allows for potential exploitation. Recommendations: For Mingsoft MCMS...
CVE-2023-50578
Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do...
CVE-2023-50578
Mingsoft MCMS v5.2.9 is affected by a SQL injection via the categoryType parameter at /content/list.do. The vulnerability stems from unsanitized input, enabling attackers to execute arbitrary SQL commands. Reported impact includes potential data leakage, modification, or deletion. CVSSv3.1 is hig...