Vulnerabilities > Mingsoft

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-08	CVE-2020-22755	Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.0 File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. network low complexity mingsoft CWE-434	8.8
2023-01-26	CVE-2022-47042	Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.10/5.2.8/5.2.9 MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do. network low complexity mingsoft CWE-434	8.8
2022-12-21	CVE-2022-4640	Improper Enforcement of Message or Data Structure vulnerability in Mingsoft Mcms 5.2.9 A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. network low complexity mingsoft CWE-707	5.4
2022-12-09	CVE-2022-4375	SQL Injection vulnerability in Mingsoft Mcms A vulnerability was found in Mingsoft MCMS up to 5.2.9. network low complexity mingsoft CWE-89 critical	9.8
2022-12-08	CVE-2022-4350	Improper Enforcement of Message or Data Structure vulnerability in Mingsoft Mcms 5.2.8 A vulnerability, which was classified as problematic, was found in Mingsoft MCMS 5.2.8. network low complexity mingsoft CWE-707	6.1
2022-07-01	CVE-2022-31943	Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.8 MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability. network low complexity mingsoft CWE-434	7.5
2022-06-02	CVE-2022-29647	Cross-Site Request Forgery (CSRF) vulnerability in Mingsoft Mcms 5.2.7 An issue was discovered in MCMS 5.2.7. network mingsoft CWE-352	6.8
2022-06-02	CVE-2022-30506	Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.7 An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file. network low complexity mingsoft CWE-434	7.5
2022-05-11	CVE-2022-30047	SQL Injection vulnerability in Mingsoft Mcms 5.2.7 Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. network low complexity mingsoft CWE-89	7.5
2022-05-11	CVE-2022-30048	SQL Injection vulnerability in Mingsoft Mcms 5.2.7 Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. network low complexity mingsoft CWE-89	7.5

Vulnerabilities > Mingsoft {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mingsoft"}]}

Vulnerabilities > Mingsoft