Vulnerabilities > Mkcms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-03	CVE-2020-22818	SQL Injection vulnerability in Mkcms Project Mkcms 6.2 MKCMS V6.2 has SQL injection via /ucenter/reg.php name parameter. network low complexity mkcms-project CWE-89 critical	9.8
2022-11-03	CVE-2020-22819	SQL Injection vulnerability in Mkcms Project Mkcms 6.2 MKCMS V6.2 has SQL injection via the /ucenter/active.php verify parameter. network low complexity mkcms-project CWE-89 critical	9.8
2022-11-03	CVE-2020-22820	SQL Injection vulnerability in Mkcms Project Mkcms 6.2 MKCMS V6.2 has SQL injection via the /ucenter/repass.php name parameter. network low complexity mkcms-project CWE-89 critical	9.8
2019-04-18	CVE-2019-11332	Unspecified vulnerability in Mkcms Project Mkcms 5.0 MKCMS 5.0 allows remote attackers to take over arbitrary user accounts by posting a username and e-mail address to ucenter/repass.php, which triggers e-mail transmission with the password, as demonstrated by 123456. network low complexity mkcms-project	8.8
2019-04-11	CVE-2019-11078	Cross-Site Request Forgery (CSRF) vulnerability in Mkcms Project Mkcms 5.0 MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI. network low complexity mkcms-project CWE-352	8.8
2019-04-02	CVE-2019-10707	SQL Injection vulnerability in Mkcms Project Mkcms 5.0 MKCMS V5.0 has SQL injection via the bplay.php play parameter. network low complexity mkcms-project CWE-89 critical	9.8

Vulnerabilities > Mkcms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mkcms Project"}]}