Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-23898
MCMS v5.2.5 exists to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
Mingsoft Mcms 5.2.5
NA
CVE-2024-22567
File Upload vulnerability in MCMS 5.3.5 allows malicious users to upload arbitrary files via crafted POST request to /ms/file/upload.do.
Mingsoft Mcms 5.3.5
1 Github repository
NA
CVE-2022-4640
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been dis...
Mingsoft Mcms 5.2.9
7.5
CVSSv2
CVE-2022-30048
Mingsoft MCMS 5.2.7 exists to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter.
Mingsoft Mcms 5.2.7
NA
CVE-2020-20913
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote malicious user to execute arbitrary code via basic_title parameter.
Mingsoft Mcms 4.7.2
7.5
CVSSv2
CVE-2020-23262
An issue exists in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.
Mingsoft Mcms 5.0.0
7.5
CVSSv2
CVE-2022-31943
MCMS v5.2.8 exists to contain an arbitrary file upload vulnerability.
Mingsoft Mcms 5.2.8
7.5
CVSSv2
CVE-2022-23899
MCMS v5.2.5 exists to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
Mingsoft Mcms 5.2.5
7.5
CVSSv2
CVE-2022-25125
MCMS v5.2.4 exists to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp.
Mingsoft Mcms 5.2.4
7.5
CVSSv2
CVE-2021-44868
A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do
Mingsoft Mcms 5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »