234 matches found
MingSoft MCMS 安全漏洞
Mcms is a complete open source J2ee system from Jiangxi Mingsoft Technology Co. Mcms v5.1 version has a SQL injection vulnerability, which can be exploited by attackers to perform sql injection via /ms/cms/content/list.do...
mingSoft Mcms SQL Injection Vulnerability (CNVD-2022-09254)
MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms that stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
mingSoft MCMS SQL Injection Vulnerability (CNVD-2022-09255)
MingSoft Mcms is China's Ming Fei MingSoft company a complete open source J2ee system . mingSoft MCMS suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...
GHSA-QQC2-PV68-Q72H Mingsoft MCMS SQL injection vulnerability
Mingsoft MCMS contains a SQL injection vulnerability relating to the component net.mingsoft.mdiy.action.web.DictActionlist...
Mingsoft MCMS SQL injection vulnerability
Mingsoft MCMS contains a SQL injection vulnerability relating to the component net.mingsoft.mdiy.action.web.DictActionlist...
Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
Mingsoft MCMS is a Java CMS. Versions prior to and including 5.2.5 contain a file upload vulnerability allowing for a jspx webshell to be uploaded via net.mingsoft.basic.action.web.FileActionupload, resulting in remote code execution. It is unclear if this issue has been patched...
GHSA-CWX9-RP4W-4545 Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
Mingsoft MCMS is a Java CMS. Versions prior to and including 5.2.5 contain a file upload vulnerability allowing for a jspx webshell to be uploaded via net.mingsoft.basic.action.web.FileActionupload, resulting in remote code execution. It is unclear if this issue has been patched...
Mingsoft MCMS SQL injection vulnerability
Mingsoft MCMS contains a SQL injection vulnerability in the /querydata endpoint...
GHSA-PHWQ-9GC4-Q5C8 Mingsoft MCMS SQL injection vulnerability
Mingsoft MCMS contains a SQL injection vulnerability in the /querydata endpoint...
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
Unrestricted file upload
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
MingSoft Mcms SQL注入漏洞
MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms that stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...
CVE-2021-46386
Mingsoft MCMS
CVE-2021-46386
File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...
PT-2022-12683 · Mingsoft · Mingsoft Mcms
Name of the Vulnerable Software and Affected Versions: mingSoft MCMS versions prior to and including 5.2.5 Description: The issue allows remote attackers to execute arbitrary code via a crafted jspx webshell. The component affected is net.mingsoft.basic.action.web.FileActionupload, and the attack...
MingSoft MCMS 代码问题漏洞
MingSoft MCMS is a complete open source J2ee system from China's MingSoft. A code issue vulnerability exists in MingSoft MCMS, which stems from a file upload vulnerability in MCMS version =5.2.5. An attacker can exploit this vulnerability to execute arbitrary code remotely...
MingSoft Mcms SQL注入漏洞
MingSoft Mcms is China's Ming Fei MingSoft company a complete open source J2ee system . mingSoft MCMS suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...
Unspecified Vulnerability in MingSoft Mcms
MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms v5.2.4, which stems from the lack of effective filtering of user-submitted data in the software's template management function, and can be exploited by an...