Mccms Security Vulnerabilities and Issues — Mccms CVE List

Lucene search

ChshcmsMccms

3 matches found

cve•added 2023/04/28 8:15 p.m.•32 views

CVE-2023-26781

SQL injection vulnerability in mccms 2.6 allows remote attackers to run arbitrary SQL commands via Author Center ->Reader Comments ->Search.

9.8CVSS9.7AI score0.00269EPSS

cve•added 2023/04/28 3:15 p.m.•31 views

CVE-2023-29815

mccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF).

8.8CVSS8.6AI score0.00073EPSS

cve•added 2023/04/28 8:15 p.m.•30 views

CVE-2023-26782

An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via Backend management interface ->System Configuration->Cache Configuration->Cache security characters.

6.5CVSS6.4AI score0.00242EPSS