
11 matches found

Veracode
added 2025/05/06 3:5 a.m., 4 views

Arbitrary File Upload

net.mingsoft, ms-mcms is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded files in MCMS, allowing attackers to upload and execute crafted files, leading to remote code execution...

CVSS 9.8, AI score 7.4, EPSS 0.00217
Exploits: 1, References: 5, Affected Software: 1

NVD
added 2024/05/07 4:15 p.m., 7 views

CVE-2024-33748

Cross-site scripting (XSS) vulnerability in the search function in Maven net.mingsoft MS Basic 2.1.13.4 and earlier...

CVSS 4.1, AI score 5.8, EPSS 0.00151
Exploits: 0, References: 2

Cvelist
added 2024/05/07 12:0 a.m., 30 views

CVE-2024-33748

Cross-site scripting (XSS) vulnerability in the search function in Maven net.mingsoft MS Basic 2.1.13.4 and earlier...

AI score 6, EPSS 0.00151
Exploits: 0, References: 2

Veracode
added 2023/02/08 6:46 a.m., 15 views

Arbitrary File Write

net.mingsoft:ms-mcms is vulnerable to Arbitrary File Write. An authenticated attacker is able to cause an arbitrary file write via the ms/template/writeFileContent.do component due to unrestricted file upload...

CVSS 8.8, AI score 8.4, EPSS 0.00335
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2023/01/26 9:30 p.m., 16 views

GHSA-65V6-3C9M-HMRP Arbitrary file write in net.mingsoft:ms-mcms

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

CVSS 8.8, AI score 8.8, EPSS 0.00335
Exploits: 1, References: 3

Github Security Blog
added 2023/01/26 9:30 p.m., 17 views

Arbitrary file write in net.mingsoft:ms-mcms

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do...

CVSS 8.8, AI score 8.6, EPSS 0.00335
Exploits: 1, References: 3, Affected Software: 1

Veracode
added 2022/12/12 7:7 a.m., 15 views

SQL Injection

net.mingsoft, ms-mcms is vulnerable to SQL injection. The vulnerability exists due to improper sanitization in the get function of categoryaction.java due to manipulation in the argument sqlWhere, via the /cms/category/list endpoint...

CVSS 9.8, AI score 9.5, EPSS 0.26228
Exploits: 1, References: 4, Affected Software: 1

Github Security Blog
added 2022/03/05 12:0 a.m., 36 views

Remote code execution in net.mingsoft:ms-mcms

net.mingsoft:ms-mcms =5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: $"freemarker.template.utility.Execute"?new"calc". MCMS has a pre-auth RCE vulnerability which allows an unauthenticated attacker with network access via HTTP to compromise...

CVSS 9.8, AI score 5, EPSS 0.12262
Exploits: 1, References: 3, Affected Software: 1

Github Security Blog
added 2022/03/04 12:0 a.m., 19 views

SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

CVSS 9.8, AI score 3.3, EPSS 0.00245
Exploits: 1, References: 3, Affected Software: 1

Github Security Blog
added 2022/03/04 12:0 a.m., 18 views

SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

CVSS 9.8, AI score 4.2, EPSS 0.75534
Exploits: 1, References: 3, Affected Software: 1

OSV
added 2022/03/04 12:0 a.m., 13 views

GHSA-968C-MM28-JFW4 SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

CVSS 9.8, AI score 9.8, EPSS 0.00245
Exploits: 1, References: 3