Mingsoft MCMS 漏洞列表

共找到 3 个与 Mingsoft MCMS 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-26585: Mingsoft MCMS v5.2.7 - SQL Injection POC

日期: 2025-08-01 | 影响软件: Mingsoft MCMS

Mingsoft MCMS v5.2.7 contains an SQL injection vulnerability via /cms/content/list that allows unauthenticated attackers to execute arbitrary SQL commands on the affected database server.
CVE-2022-4375: Mingsoft MCMS - SQL Injection POC

日期: 2025-08-01 | 影响软件: Mingsoft MCMS

SQL injection vulnerability in Mingsoft MCMS up to 5.2.9 via the sqlWhere parameter in /cms/category/list.
CVE-2023-3990: Mingsoft MCMS < 5.3.1 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: Mingsoft MCMS

A vulnerability classified as problematic has been found in Mingsoft MCMS up to 5.3.1. This affects an unknown part of the file search.do of the component HTTP POST Request Handler. The manipulation of the argument style leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-235611.