Lucene search
K

36 matches found

Cvelist
Cvelist
added 2021/09/09 5:44 p.m.21 views

CVE-2020-19263

A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit...

8.9AI score0.00661EPSS
Exploits1References1
CVE
CVE
added 2021/09/09 5:44 p.m.52 views

CVE-2020-19263

CVE-2020-19263 is a CSRF vulnerability in MipCMS v5.0.1 that allows an attacker to arbitrarily escalate privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit. The NVD entry documents this as a CSRF with the impact of elevating privileges (C/H/I/A high) and a CVSS v3.1 base score...

8.8CVSS8.8AI score0.00661EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.3 views

MipCMS 跨站请求伪造漏洞

MipCMS is a software application. A content management system based on Baidu Mobile Accelerator MIP and is also a SEO site building system. A security vulnerability exists in MipCMS version 5.0.1, which originates from the lack of valid validation for index.php?s=/user/ApiAdminUser/itemEdit in th...

8.8CVSS7.8AI score0.00661EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.6 views

MipCMS 跨站请求伪造漏洞

MipCMS is a software application. A set of content management system based on Baidu Mobile Accelerator MIP and development, but also a set of SEO site building system. MipCMS version 5.0.1 has a security vulnerability, the vulnerability stems from the lack of valid validation in the software...

6.5CVSS6.5AI score0.00565EPSS
Exploits1References2
CNVD
CNVD
added 2021/07/09 12:0 a.m.19 views

MipCMS server-side request forgery vulnerability

MipCMS is an application software. A content management system based on Baidu Mobile Accelerator MIP and an SEO website building system. mipCMS 5.0.1 has a server-side request forgery vulnerability that can be exploited by attackers to access sensitive information...

7.5CVSS3.9AI score0.01067EPSS
Exploits1References1
OSV
OSV
added 2021/07/08 4:15 p.m.4 views

CVE-2020-20582

A server side request forgery SSRF vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information...

7.5CVSS5.8AI score0.01067EPSS
Exploits1References1
NVD
NVD
added 2021/07/08 4:15 p.m.19 views

CVE-2020-20582

A server side request forgery SSRF vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information...

7.5CVSS0.01067EPSS
Exploits1References1
Prion
Prion
added 2021/07/08 4:15 p.m.19 views

Server side request forgery (ssrf)

A server side request forgery SSRF vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information...

5CVSS7.5AI score0.01067EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/07/08 3:44 p.m.57 views

CVE-2020-20582

MipCMS 5.0.1 contains a server-side request forgery (SSRF) in /ApiAdminDomainSettings.php that can be exploited to access sensitive information. The issue is confirmed across multiple connected sources (CVE listings and vendor/ CNVD-type records) and is described consistently as an SSRF affecting...

7.5CVSS7.5AI score0.01067EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/07/08 3:44 p.m.29 views

CVE-2020-20582

A server side request forgery SSRF vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information...

7.5AI score0.01067EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/08 12:0 a.m.3 views

MipCMS 代码问题漏洞

MipCMS is an application software. A content management system based on Baidu Mobile Accelerator MIP and an SEO website building system. mipCMS 5.0.1 has a server-side request forgery vulnerability that can be exploited by attackers to access sensitive information...

7.5CVSS5.6AI score0.01067EPSS
Exploits1References2
CNVD
CNVD
added 2021/02/22 12:0 a.m.3 views

SSRF Vulnerability in MIPCMS

MIPCMS is a free and open source based on Baidu mobile gas pedal MIP engine articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO optimized after the station-building system. MIPCMS there are SSRF...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/06/21 12:0 a.m.1 views

Remote Code Execution Vulnerability in MIPCMS

MIPCMS is a free and open source based on Baidu mobile gas pedal MIP engine articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO optimized after the station-building system. MIPCMS remote code execution...

8.1AI score
Exploits0
CNVD
CNVD
added 2018/01/25 12:0 a.m.3 views

Remote Code Execution Vulnerability in MIPCMS V3.1.0

MIPCMS is a free and open source based on Baidu mobile gas pedal MIP engine articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO optimized after the station-building system. MIPCMS V3.1.0 remote code...

8.1AI score
Exploits0
CNVD
CNVD
added 2017/10/30 12:0 a.m.2 views

SQL Injection Vulnerability in MIPCMS ApiAdminUser.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...

7.8AI score
Exploits0
CNVD
CNVD
added 2017/09/01 12:0 a.m.4 views

SQL Injection Vulnerability in MIPCMS ApiAdminTag.php Page

MIPCMS is a free and open source based on Baidu Mobile Accelerator MIP engine based on the development of articles, information, content management system, but also the system for the Internet webmasters, entrepreneurs and other groups to create SEO-optimized after the station-building system. A...

7.8AI score
Exploits0
Rows per page
Query Builder