Description

A problem was found in ming-soft MCMS v5.1. There is a sql injection vulnerability in /ms/cms/content/list.do

Remediation

References

https://github.com/ming-soft/MCMS/issues/58

Related Vulnerabilities

CVE-2020-28477 Vulnerability in maven package org.webjars.npm:immer

CVE-2023-39013 Vulnerability in maven package no.priv.garshol.duke:duke

CVE-2020-7762 Vulnerability in npm package jsreport-chrome-pdf

CVE-2021-23470 Vulnerability in npm package putil-merge

CVE-2022-38179 Vulnerability in maven package io.ktor:ktor-utils

Severity

Critical

Classification

CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Issue Tracking Third Party Advisory