[MAVEN:GHSA-H3HW-G4HM-7GR4] SQL injection without credentials in ming-soft MCMS
Severity
Critical
Affected Packages
1
Fixed Packages
1
CVEs
1
An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.
Package | Affected Version |
---|---|
pkg:maven/net.mingsoft/ms-mcms | < 5.1 |
Package | Fixed Version |
---|---|
pkg:maven/net.mingsoft/ms-mcms | = 5.1 |
- ID
- MAVEN:GHSA-H3HW-G4HM-7GR4
- Severity
- critical
- URL
- https://github.com/advisories/GHSA-h3hw-g4hm-7gr4
- Published
-
2022-02-09T22:18:13
(2 years ago) - Modified
-
2023-02-01T05:05:23
(19 months ago) - Rights
- Maven Security Team
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |