Lucene search
MingsoftMcms
5 matches found
CVE-2021-46063
MCMS v5.2.5 was discovered to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.
9.1CVSS9.3AI score0.10736EPSS
CVE-2021-46037
MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do.
8.1CVSS8.1AI score0.00234EPSS
CVE-2021-46036
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code.
9.8CVSS9.7AI score0.10761EPSS
CVE-2021-46062
MCMS v5.2.5 was discovered to contain an arbitrary file deletion vulnerability via the component oldFileName.
7.1CVSS7AI score0.00171EPSS
CVE-2021-44868
A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do
9.8CVSS9.5AI score0.00532EPSS