Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-22567

Published: 05/02/2024 Updated: 14/02/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

File Upload vulnerability in MCMS 5.3.5 allows malicious users to upload arbitrary files via crafted POST request to /ms/file/upload.do.

Vulnerable Product Search on Vulmon Subscribe to Product

mingsoft mcms 5.3.5

Github Repositories

https://github.com/labesterOct/CVE-2024-22567

File Upload vulnerability in MCMS 5.3.5

CVE-2024-22567 File Upload vulnerability in MCMS 535 File Upload vulnerability in MCMS 535 allows attackers to upload arbitrary files via crafted POST request to /ms/file/uploaddo Vendor: mingsoftnet/ Default credentials "msopen/msopen" can be used to log in Corresponding critical code for handling the issue @Api(tags={"后端-基础接口"

References

CWE-434https://github.com/h3ak/MCMS-CVE-Request/https://nvd.nist.govhttps://github.com/labesterOct/CVE-2024-22567
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scriptingCVE-2024-5158XML external entityCVE-2024-4262CVE-2024-2036CVE-2024-4985CVE-2024-21791remote attackersCVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook