Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mingsoft mcms 5.2.5 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-23898
MCMS v5.2.5 exists to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
Mingsoft Mcms 5.2.5
516
VMScore
CVE-2021-46062
MCMS v5.2.5 exists to contain an arbitrary file deletion vulnerability via the component oldFileName.
Mingsoft Mcms 5.2.5
571
VMScore
CVE-2021-46063
MCMS v5.2.5 exists to contain a Server Side Template Injection (SSTI) vulnerability via the Template Management module.
Mingsoft Mcms 5.2.5
3 Github repositories
668
VMScore
CVE-2022-23899
MCMS v5.2.5 exists to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
Mingsoft Mcms 5.2.5
668
VMScore
CVE-2021-46386
File upload vulnerability in mingSoft MCMS up to and including 5.2.5, allows remote malicious users to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.
Mingsoft Mcms
445
VMScore
CVE-2021-46383
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.web.DictAction#list. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vulnerab...
Mingsoft Mcms
445
VMScore
CVE-2021-46385
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vul...
Mingsoft Mcms
668
VMScore
CVE-2021-46384
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which ...
Mingsoft Mcms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started