pkg:Maven/net.mingsoft:ms-mcms

所有已知漏洞

• CRITICAL9.8CVE-2025-56316MCMS vulnerable SQL injection via the content_title parameter
  >= 5.5.0, < 6.0.2
• CRITICAL9.8CVE-2025-29287MCMS allows arbitrary file uploads in the ueditor component
  from 0, < 5.4.4
• CRITICAL9.8CVE-2020-20913Ming-Soft MCMS vulnerable to SQL injection
  from 0, < 5.1
• CRITICAL9.8CVE-2022-4375Mingsoft MCMS vulnerable to SQL Injection
  from 0, < 5.2.10
• CRITICAL9.8CVE-2022-36599Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
  from 0, <= 5.2.8
• CRITICAL9.8CVE-2022-36272Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
  from 0, <= 5.2.8
• CRITICAL9.8CVE-2022-31943Unrestricted Upload of File with Dangerous Type in MCMS
• CRITICAL9.8CVE-2022-30506Code injection in MCMS
  from 0, <= 5.2.7
• CRITICAL9.8CVE-2021-46384Remote code execution in net.mingsoft:ms-mcms
  from 0, < 5.2.6
• CRITICAL9.8CVE-2022-23899SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.5
• CRITICAL9.8CVE-2022-23898SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.5
• CRITICAL9.8CVE-2021-46036File upload leading to RCE in MCMS
  from 0, <= 5.2.4
• CRITICAL9.8CVE-2021-44868SQL injection in MCMS
  from 0, <= 5.1
• CRITICAL9.8CVE-2020-23262SQL injection without credentials in ming-soft MCMS
  from 0, < 5.1
• CRITICAL9.8CVE-2021-46386Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
  from 0, <= 5.2.5
• CRITICAL9.8CVE-2022-22929Arbitrary File Upload in Mingsoft MCMS
  from 0, <= 5.2.4
• CRITICAL9.8CVE-2022-22930RCE in Mingsoft MCMS
  from 0, < 5.2.9
• CRITICAL9.8CVE-2022-23315Arbitrary file upload in Mingsoft MCMS
  from 0, <= 5.2.4
• CRITICAL9.8CVE-2018-18830Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms
  from 0, <= 4.6.5
• CRITICAL9.1CVE-2021-46063Server Side Template Injection in MCMS
  from 0, <= 5.2.5
• HIGH8.8CVE-2024-22567mingSoft MCMS File Upload vulnerability
  from 0, <= 5.3.5
• HIGH8.8CVE-2023-50578Mingsoft MCMS SQL injection
  from 0, <= 5.2.9
• HIGH8.8CVE-2020-22755MCMS vulnerable to arbitrary code execution via crafted thumbnail
  from 0, <= 5.0.0
• HIGH8.8CVE-2022-47042Arbitrary file write in net.mingsoft:ms-mcms
  from 0, < 5.2.11
• HIGH8.8CVE-2022-29647Cross Site Request Forgery in Mingsoft MCMS
  from 0, <= 5.2.7
• HIGH8.8CVE-2018-17366Mingsoft MCMS CSRF vulnerability
  from 0, <= 4.6.5
• HIGH8.8CVE-2022-27340Cross Site Request Forgery in Mingsoft MCMS
  from 0, <= 5.2.7
• HIGH8.1CVE-2021-46037Path traversal in MCMS
  from 0, <= 5.2.4
• HIGH7.5CVE-2023-51282Code injection in mingSoft MCMS
  from 0, <= 5.2.4
• HIGH7.5CVE-2021-46383Mingsoft MCMS SQL injection vulnerability
  from 0, < 5.2.6
• HIGH7.5CVE-2021-46385Mingsoft MCMS SQL injection vulnerability
  from 0, <= 5.2.5
• HIGH7.5CVE-2018-18831Path Traversal in minsoft:ms-mcms
  from 0, <= 4.6.5
• HIGH7.1CVE-2021-46062MCMS Arbitrary File Deletion vulnerability
  from 0, < 5.2.11
• MEDIUM6.1CVE-2025-60837MCMS reflected cross-site scripting (XSS) vulnerability
  from 0, <= 6.0.1
• MEDIUM5.4CVE-2022-4640Mingsoft MCMS Cross-site Scripting vulnerability
  from 0, <= 5.2.9
• MEDIUM4.7CVE-2026-2666mingSoft MCMS does not properly restrict file uploads
  from 0, <= 6.1.1
• LOW3.5CVE-2023-3990Cross-site Scripting in Mingsoft MCMS
  from 0, < 5.3.2
• —CVE-2022-4350Mingsoft MCMS vulnerable to Cross-site Scripting
  from 0, <= 5.2.8
• —CVE-2022-26585SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.7