Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4640
A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been dis...
Mingsoft Mcms 5.2.9
NA
CVE-2020-22755
File upload vulnerability in MCMS 5.0 allows malicious users to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943.
Mingsoft Mcms 5.0
NA
CVE-2022-36599
Mingsoft MCMS 5.2.8 exists to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists.
Mingsoft Mcms 5.2.8
668
VMScore
CVE-2021-46036
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows malicious users to execute arbitrary code.
Mingsoft Mcms 5.2.4
668
VMScore
CVE-2021-44868
A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do
Mingsoft Mcms 5.1
668
VMScore
CVE-2022-27466
MCMS v5.2.27 exists to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do.
Mingsoft Mcms 5.2.27
668
VMScore
CVE-2022-22930
A remote code execution (RCE) vulnerability in the Template Management function of MCMS v5.2.4 allows malicious users to execute arbitrary code via a crafted payload.
Mingsoft Mcms 5.2.4
NA
CVE-2022-36272
Mingsoft MCMS 5.2.8 exists to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.
Mingsoft Mcms 5.2.8
668
VMScore
CVE-2022-23314
MCMS v5.2.4 exists to contain a SQL injection vulnerability via /ms/mdiy/model/importJson.do.
Mingsoft Mcms 5.2.4
668
VMScore
CVE-2022-23315
MCMS v5.2.4 exists to contain an arbitrary file upload vulnerability via the component /ms/template/writeFileContent.do.
Mingsoft Mcms 5.2.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4