Lucene search
+L

234 matches found

CNNVD
CNNVD
added 2022/02/17 12:0 a.m.6 views

MingSoft MCMS 安全漏洞

Mcms is a complete open source J2ee system from Jiangxi Mingsoft Technology Co. Mcms v5.1 version has a SQL injection vulnerability, which can be exploited by attackers to perform sql injection via /ms/cms/content/list.do...

9.8CVSS5.9AI score0.01385EPSS
Exploits1References2
CNVD
CNVD
added 2022/01/28 12:0 a.m.14 views

mingSoft Mcms SQL Injection Vulnerability (CNVD-2022-09254)

MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms that stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

7.5CVSS7.7AI score0.01563EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/28 12:0 a.m.47 views

mingSoft MCMS SQL Injection Vulnerability (CNVD-2022-09255)

MingSoft Mcms is China's Ming Fei MingSoft company a complete open source J2ee system . mingSoft MCMS suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...

7.5CVSS7.7AI score0.01524EPSS
Exploits1References1
OSV
OSV
added 2022/01/27 12:1 a.m.42 views

GHSA-QQC2-PV68-Q72H Mingsoft MCMS SQL injection vulnerability

Mingsoft MCMS contains a SQL injection vulnerability relating to the component net.mingsoft.mdiy.action.web.DictActionlist...

7.5CVSS7.7AI score0.01563EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/01/27 12:1 a.m.20 views

Mingsoft MCMS SQL injection vulnerability

Mingsoft MCMS contains a SQL injection vulnerability relating to the component net.mingsoft.mdiy.action.web.DictActionlist...

7.5CVSS8.2AI score0.01563EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/01/27 12:1 a.m.17 views

Mingsoft MCMS vulnerable to Remote Code Execution via file upload.

Mingsoft MCMS is a Java CMS. Versions prior to and including 5.2.5 contain a file upload vulnerability allowing for a jspx webshell to be uploaded via net.mingsoft.basic.action.web.FileActionupload, resulting in remote code execution. It is unclear if this issue has been patched...

9.8CVSS6.2AI score0.03111EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/01/27 12:1 a.m.36 views

GHSA-CWX9-RP4W-4545 Mingsoft MCMS vulnerable to Remote Code Execution via file upload.

Mingsoft MCMS is a Java CMS. Versions prior to and including 5.2.5 contain a file upload vulnerability allowing for a jspx webshell to be uploaded via net.mingsoft.basic.action.web.FileActionupload, resulting in remote code execution. It is unclear if this issue has been patched...

9.8CVSS9.9AI score0.03111EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/01/27 12:0 a.m.18 views

Mingsoft MCMS SQL injection vulnerability

Mingsoft MCMS contains a SQL injection vulnerability in the /querydata endpoint...

7.5CVSS8.1AI score0.01524EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/01/27 12:0 a.m.30 views

GHSA-PHWQ-9GC4-Q5C8 Mingsoft MCMS SQL injection vulnerability

Mingsoft MCMS contains a SQL injection vulnerability in the /querydata endpoint...

7.5CVSS7.8AI score0.01524EPSS
Exploits1References3
NVD
NVD
added 2022/01/26 5:15 p.m.23 views

CVE-2021-46386

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...

9.8CVSS0.03111EPSS
Exploits1References1
OSV
OSV
added 2022/01/26 5:15 p.m.5 views

CVE-2021-46386

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...

9.8CVSS7.6AI score
Exploits0References1
Prion
Prion
added 2022/01/26 5:15 p.m.16 views

Unrestricted file upload

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...

7.5CVSS9.6AI score0.03111EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/26 5:15 p.m.6 views

CVE-2021-46386

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...

9.8CVSS8.3AI score0.03111EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.8 views

MingSoft Mcms SQL注入漏洞

MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms that stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

7.5CVSS6AI score0.01563EPSS
Exploits1References2
CVE
CVE
added 2022/01/26 12:0 a.m.69 views

CVE-2021-46386

Mingsoft MCMS

9.8CVSS9.6AI score0.03111EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/01/26 12:0 a.m.34 views

CVE-2021-46386

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileActionupload...

9.8AI score0.03111EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/01/26 12:0 a.m.4 views

PT-2022-12683 · Mingsoft · Mingsoft Mcms

Name of the Vulnerable Software and Affected Versions: mingSoft MCMS versions prior to and including 5.2.5 Description: The issue allows remote attackers to execute arbitrary code via a crafted jspx webshell. The component affected is net.mingsoft.basic.action.web.FileActionupload, and the attack...

9.8CVSS9.5AI score0.03111EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.5 views

MingSoft MCMS 代码问题漏洞

MingSoft MCMS is a complete open source J2ee system from China's MingSoft. A code issue vulnerability exists in MingSoft MCMS, which stems from a file upload vulnerability in MCMS version =5.2.5. An attacker can exploit this vulnerability to execute arbitrary code remotely...

9.8CVSS8.8AI score0.03111EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.5 views

MingSoft Mcms SQL注入漏洞

MingSoft Mcms is China's Ming Fei MingSoft company a complete open source J2ee system . mingSoft MCMS suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to...

7.5CVSS6.1AI score0.01524EPSS
Exploits1References2
CNVD
CNVD
added 2022/01/24 12:0 a.m.32 views

Unspecified Vulnerability in MingSoft Mcms

MingSoft Mcms is China's MingFei MingSoft company's a complete open source J2ee system . A security vulnerability exists in MingSoft Mcms v5.2.4, which stems from the lack of effective filtering of user-submitted data in the software's template management function, and can be exploited by an...

9.8CVSS9.7AI score0.23694EPSS
Exploits1References1
Rows per page
Query Builder