Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-47042
MCMS v5.2.10 and below exists to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.
Mingsoft Mcms 5.2.8
Mingsoft Mcms 5.2.9
Mingsoft Mcms 5.2.10
7.5
CVSSv3
CVE-2021-46383
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.web.DictAction#list. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vulnerab...
Mingsoft Mcms
9.8
CVSSv3
CVE-2021-46384
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which ...
Mingsoft Mcms
7.5
CVSSv3
CVE-2021-46385
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vul...
Mingsoft Mcms
9.8
CVSSv3
CVE-2021-46386
File upload vulnerability in mingSoft MCMS up to and including 5.2.5, allows remote malicious users to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.
Mingsoft Mcms
9.8
CVSSv3
CVE-2022-4375
A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit ...
Mingsoft Mcms
6.1
CVSSv3
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate t...
Mingsoft Mcms
9.8
CVSSv3
CVE-2023-50578
Mingsoft MCMS v5.2.9 exists to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do.
Mingsoft Mcms 5.2.9
7.5
CVSSv3
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote malicious user to obtain sensitive information via a crafted script to the password parameter.
Mingsoft Mcms 5.2.4
5.4
CVSSv3
CVE-2022-4640
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been dis...
Mingsoft Mcms 5.2.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »