Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms 5.2.5 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2021-46062
MCMS v5.2.5 exists to contain an arbitrary file deletion vulnerability via the component oldFileName.
Mingsoft Mcms 5.2.5
9.8
CVSSv3
CVE-2022-23898
MCMS v5.2.5 exists to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
Mingsoft Mcms 5.2.5
9.8
CVSSv3
CVE-2022-23899
MCMS v5.2.5 exists to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
Mingsoft Mcms 5.2.5
9.1
CVSSv3
CVE-2021-46063
MCMS v5.2.5 exists to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.
Mingsoft Mcms 5.2.5
3 Github repositories
9.8
CVSSv3
CVE-2021-46386
File upload vulnerability in mingSoft MCMS up to and including 5.2.5, allows remote malicious users to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.
Mingsoft Mcms
7.5
CVSSv3
CVE-2021-46383
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.web.DictAction#list. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vulnerab...
Mingsoft Mcms
7.5
CVSSv3
CVE-2021-46385
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vul...
Mingsoft Mcms
9.8
CVSSv3
CVE-2021-46384
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which ...
Mingsoft Mcms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started