Vulnerabilities > Mingsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-30 | CVE-2023-50578 | SQL Injection vulnerability in Mingsoft Mcms 5.2.9 Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do. | 9.8 |
| 2023-04-04 | CVE-2020-20913 | SQL Injection vulnerability in Mingsoft Mcms 4.7.2 SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basic_title parameter. | 9.8 |
| 2022-12-09 | CVE-2022-4375 | SQL Injection vulnerability in Mingsoft Mcms A vulnerability was found in Mingsoft MCMS up to 5.2.9. | 9.8 |
| 2022-08-16 | CVE-2022-36272 | SQL Injection vulnerability in Mingsoft Mcms 5.2.8 Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter. | 9.8 |
| 2022-08-16 | CVE-2022-36599 | SQL Injection vulnerability in Mingsoft Mcms 5.2.8 Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/model/delete URI via models Lists. | 9.8 |
| 2022-07-01 | CVE-2022-31943 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.8 MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability. | 9.8 |
| 2022-06-02 | CVE-2022-30506 | Unrestricted Upload of File with Dangerous Type vulnerability in Mingsoft Mcms 5.2.7 An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file. | 9.8 |
| 2022-05-11 | CVE-2022-30047 | SQL Injection vulnerability in Mingsoft Mcms 5.2.7 Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter. | 9.8 |
| 2022-05-11 | CVE-2022-30048 | SQL Injection vulnerability in Mingsoft Mcms 5.2.7 Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list URI via orderBy parameter. | 9.8 |
| 2022-05-02 | CVE-2022-27466 | SQL Injection vulnerability in Mingsoft Mcms 5.2.27 MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do. | 9.8 |