Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-25125
MCMS v5.2.4 exists to contain a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp.
Mingsoft Mcms 5.2.4
7.5
CVSSv2
CVE-2022-23899
MCMS v5.2.5 exists to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
Mingsoft Mcms 5.2.5
7.5
CVSSv2
CVE-2018-18830
An issue exists in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting a cookie. First, start an upload of JSP code with a .png filename, and then...
Mingsoft Mcms 4.6.5
5.8
CVSSv2
CVE-2021-46062
MCMS v5.2.5 exists to contain an arbitrary file deletion vulnerability via the component oldFileName.
Mingsoft Mcms 5.2.5
7.5
CVSSv2
CVE-2020-23262
An issue exists in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.
Mingsoft Mcms 5.0.0
7.5
CVSSv2
CVE-2022-23898
MCMS v5.2.5 exists to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
Mingsoft Mcms 5.2.5
NA
CVE-2020-20913
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote malicious user to execute arbitrary code via basic_title parameter.
Mingsoft Mcms 4.7.2
NA
CVE-2020-22755
File upload vulnerability in MCMS 5.0 allows malicious users to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.
Mingsoft Mcms 5.0
7.5
CVSSv2
CVE-2022-26585
Mingsoft MCMS v5.2.7 exists to contain a SQL injection vulnerability via /cms/content/list.
Mingsoft Mcms 5.2.7
7.5
CVSSv2
CVE-2021-44868
A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do
Mingsoft Mcms 5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »