Mcms Security Vulnerabilities and Issues — Mcms CVE List

Lucene search

MingsoftMcms

5 matches found

CVE•added 2023/01/26 9:18 p.m.•50 views

CVE-2022-47042

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.

8.8CVSS8.8AI score0.00219EPSS

CVE•added 2023/07/28 7:15 a.m.•48 views

CVE-2023-3990

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely....

6.1CVSS4.7AI score0.06179EPSS

CVE•added 2023/04/04 3:15 p.m.•42 views

CVE-2020-20913

SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basic_title parameter.

9.8CVSS9.8AI score0.03613EPSS

CVE•added 2023/05/08 2:15 p.m.•40 views

CVE-2020-22755

File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.

8.8CVSS9.2AI score0.00364EPSS

CVE•added 2023/12/30 4:15 p.m.•29 views

CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do.

9.8CVSS9.8AI score0.00269EPSS