Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 10:55 a.m.1 views

CVE-2022-23899

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

9.8CVSS8.2AI score0.00245EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-1389

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00245EPSS
Exploits1References3
OSV
OSVadded 2022/03/04 12:0 a.m.22 views

GHSA-P94Q-9Q2M-PFH2 SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

9.8CVSS9.8AI score0.75534EPSS
Exploits1References3
OSV
OSVadded 2022/03/04 12:0 a.m.13 views

GHSA-968C-MM28-JFW4 SQL injection in net.mingsoft:ms-mcms

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

9.8CVSS9.8AI score0.00245EPSS
Exploits1References3
NVD
NVDadded 2022/03/03 7:15 p.m.11 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

9.8CVSS0.75534EPSS
Exploits1References1
NVD
NVDadded 2022/03/03 7:15 p.m.9 views

CVE-2022-23899

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

9.8CVSS0.00245EPSS
Exploits1References1
Prion
Prionadded 2022/03/03 7:15 p.m.11 views

Sql injection

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

7.5CVSS9.8AI score0.00245EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/03/03 7:15 p.m.9 views

Sql injection

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

7.5CVSS9.8AI score0.75534EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/03/03 6:1 p.m.13 views

CVE-2022-23899

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java...

10AI score0.00245EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/03/03 6:1 p.m.11 views

CVE-2022-23898

MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml...

10AI score0.75534EPSS
Exploits1References1
CVE
CVEadded 2022/03/03 6:1 p.m.114 views

CVE-2022-23898

MCMS v5.2.5 contains a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml. Exploitation could allow an attacker to read/modify data and perform unauthorized administrative operations within the affected site; CVSSv3.1 is 9.8 (CRITICAL). Remediation: apply the ven...

9.8CVSS9.8AI score0.75534EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/03/03 6:1 p.m.97 views

CVE-2022-23899

CVE-2022-23899 concerns MCMS v5.2.5, where a SQL injection vulnerability exists through the search.do endpoint in the file /web/MCmsAction.java. The issue is documented across multiple feeds (NVD, Red Hat, CNVD, OSV, GHSA, etc.) and consistently described as SQL injection in the MingSoft MCMS sys...

9.8CVSS9.8AI score0.00245EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2022/02/19 12:1 a.m.14 views

GHSA-GC79-GH4F-9G6W Server Side Template Injection in MCMS

MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...

9.1CVSS9.4AI score0.10736EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2022/02/19 12:1 a.m.41 views

Server Side Template Injection in MCMS

MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...

9.1CVSS3.2AI score0.10736EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2022/02/18 8:15 p.m.11 views

CVE-2021-46063

MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...

9.1CVSS0.10736EPSS
Exploits1References1
Prion
Prionadded 2022/02/18 8:15 p.m.10 views

Arbitrary file deletion

MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName...

5.8CVSS6.9AI score0.00171EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/02/18 8:15 p.m.13 views

Sql injection

MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...

6.4CVSS9.4AI score0.10736EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/02/18 7:36 p.m.111 views

CVE-2021-46063

CVE-2021-46063 corresponds to a Server-Side Template Injection (SSTI) in MCMS v5.2.5, via the Template Management module. The issue is a SSTI vulnerability in MCMS 5.2.5 that can affect integrity and availability (per CVSS-3.1 base metrics: 9.1, CRITICAL) and is network-exploitable with low attac...

9.1CVSS9.3AI score0.10736EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/02/18 7:36 p.m.12 views

CVE-2021-46063

MCMS v5.2.5 was discovered to contain a Server Side Template Injection SSTI vulnerability via the Template Management module...

9.6AI score0.10736EPSS
Exploits1References1
CVE
CVEadded 2022/02/18 7:36 p.m.103 views

CVE-2021-46062

MCMS 5.2.5 is affected by an arbitrary file deletion vulnerability in the oldFileName handling. The issue arises from ms-basic

7.1CVSS7AI score0.00171EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder