11 matches found
CVE-2025-5328
CVE-2025-5328 affects chshcms mccms v2.7. The issue is in the function restore_del of /sys/apps/controllers/admin/Backups.php, where manipulating the dirs argument enables path traversal. A remote attacker can exploit this; the exploit has been disclosed publicly and vendor contact occurred witho...
CVE-2025-5327
CVE-2025-5327 affects the chshcms mccms 2.7 platform. The issue resides in the index function of sys/apps/controllers/api/Gf.php where manipulating the parameter pic triggers a server-side request forgery (SSRF). Attacks are described as removable/remote, and the exploit is publicly disclosed. Th...
CVE-2023-3235
CVE-2023-3235 affects mccms up to 2.6.5. The vulnerability lies in the pic_api function in sys/apps/controllers/admin/Comic.php, where manipulation of the url parameter enables server-side request forgery (SSRF) and can be triggered remotely. Public exploitation has been disclosed. Affected versi...
CVE-2023-26782
CVE-2023-26782 applies to mccms 2.6.1. The issue is a DoS vulnerability in the Backend management interface, specifically under System Configuration → Cache Configuration → Cache security characters. The available documents identify the affected software and the vulnerable path but do not provide...
CVE-2023-3236
The CVE-2023-3236 entry concerns mccms up to version 2.6.5, where the pic_save function in sys/apps/controllers/admin/Comic.php accepts a pic argument that can be manipulated to trigger server-side request forgery (SSRF). The vulnerability enables remote initiation and has public exploitation dis...
CVE-2023-29815
The CVE-2023-29815 entry affects mccms v2.6.3 and is a Cross Site Request Forgery (CSRF) vulnerability. The available sources confirm the vulnerable component (mccms v2.6.3) and classify the impact as high (CVSS: 8.8, NETWORK attack vector, user interaction required). Connected documents do not p...
CVE-2023-26781
CVE-2023-26781 affects mccms 2.6. The vulnerability is a SQL injection in the Author Center → Reader Comments → Search function, enabling remote attackers to execute arbitrary SQL via user input. The entry consistently lists a critical impact with CVSS v3.1 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U...
CVE-2023-5029
CVE-2023-5029 affects mccms 2.6, specifically the file path /category/order/hits/copyright/46/finish/1/list/1. The issue is a SQL injection vulnerability exploitable by manipulating input, e.g., "1". The vulnerability has been disclosed publicly (VDB-239871) and is described as critical/high impa...
CVE-2025-50234
Summary: MCCMS v2.7.0 contains an SSRF vulnerability in the index() method of sys/apps/controllers/api/Gf.php where the pic parameter is decrypted via sys_auth($pic,1) using a hard-coded key Mc_Encryption_Key (bD2voYwPpNuJ7B8) defined in db.php. The decrypted URL is passed to geturl(), which uses...
CVE-2025-51651
The CVE-2025-51651 issue affects MCCMS v2.7.0, specifically the /admin/Backups.php component. An authenticated attacker can trigger an arbitrary file download by sending a crafted GET request, implying that sensitive files on the server may be exposed. The vulnerability stems from improper access...
CVE-2025-51818
CVE-2025-51818 affects MCCMS 2.7.0; Backups.php allows arbitrary file deletion and can enable arbitrary command execution. Root cause and affected component are described across multiple sources (e.g., Red Hat, PT Security, NVD). No remediation/version fix details are provided in the connected do...