Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47042
MCMS v5.2.10 and below exists to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.
Mingsoft Mcms 5.2.8
Mingsoft Mcms 5.2.9
Mingsoft Mcms 5.2.10
5
CVSSv2
CVE-2021-46385
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vul...
Mingsoft Mcms
NA
CVE-2023-3990
A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate t...
Mingsoft Mcms
NA
CVE-2022-4375
A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has been classified as critical. Affected is an unknown function of the file /cms/category/list. The manipulation of the argument sqlWhere leads to sql injection. It is possible to launch the attack remotely. The exploit ...
Mingsoft Mcms
5
CVSSv2
CVE-2021-46383
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.web.DictAction#list. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vulnerab...
Mingsoft Mcms
7.5
CVSSv2
CVE-2021-46384
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which ...
Mingsoft Mcms
7.5
CVSSv2
CVE-2021-46386
File upload vulnerability in mingSoft MCMS up to and including 5.2.5, allows remote malicious users to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.
Mingsoft Mcms
7.5
CVSSv2
CVE-2022-30047
Mingsoft MCMS v5.2.7 exists to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter.
Mingsoft Mcms 5.2.7
1 Github repository
7.5
CVSSv2
CVE-2022-30048
Mingsoft MCMS 5.2.7 exists to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter.
Mingsoft Mcms 5.2.7
NA
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote malicious user to obtain sensitive information via a crafted script to the password parameter.
Mingsoft Mcms 5.2.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »