| CVE-2026-2666 |
high |
7.2 |
7.2 |
3mo ago |
mingSoft MCMS does not properly restrict file uploads |
|
| CVE-2025-60837 |
unknown |
— |
— |
7mo ago |
MCMS reflected cross-site scripting (XSS) vulnerability |
|
| CVE-2025-56316 |
unknown |
— |
— |
7mo ago |
MCMS vulnerable SQL injection via the content_title parameter |
|
| CVE-2025-29287 |
unknown |
— |
— |
1y ago |
MCMS allows arbitrary file uploads in the ueditor component |
|
| CVE-2024-22567 |
unknown |
— |
— |
2y ago |
mingSoft MCMS File Upload vulnerability |
|
| CVE-2023-51282 |
unknown |
— |
— |
2y ago |
Code injection in mingSoft MCMS |
|
| CVE-2023-50578 |
unknown |
— |
— |
2y ago |
Mingsoft MCMS SQL injection |
|
| CVE-2023-3990 |
unknown |
— |
— |
3y ago |
Cross-site Scripting in Mingsoft MCMS |
|
| CVE-2020-22755 |
unknown |
— |
— |
3y ago |
MCMS vulnerable to arbitrary code execution via crafted thumbnail |
|
| CVE-2020-20913 |
unknown |
— |
— |
3y ago |
Ming-Soft MCMS vulnerable to SQL injection |
|
| CVE-2022-47042 |
unknown |
— |
— |
3y ago |
Arbitrary file write in net.mingsoft:ms-mcms |
|
| CVE-2022-4640 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS Cross-site Scripting vulnerability |
|
| CVE-2022-4375 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS vulnerable to SQL Injection |
|
| CVE-2022-4350 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS vulnerable to Cross-site Scripting |
|
| CVE-2022-36272 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter |
|
| CVE-2022-36599 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List |
|
| CVE-2022-31943 |
unknown |
— |
— |
4y ago |
Unrestricted Upload of File with Dangerous Type in MCMS |
|
| CVE-2022-30506 |
unknown |
— |
— |
4y ago |
Code injection in MCMS |
|
| CVE-2022-29647 |
unknown |
— |
— |
4y ago |
Cross Site Request Forgery in Mingsoft MCMS |
|
| CVE-2018-17366 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS CSRF vulnerability |
|
| CVE-2022-27340 |
unknown |
— |
— |
4y ago |
Cross Site Request Forgery in Mingsoft MCMS |
|
| CVE-2022-26585 |
unknown |
— |
— |
4y ago |
SQL injection in net.mingsoft:ms-mcms |
|
| CVE-2021-46384 |
unknown |
— |
— |
4y ago |
Remote code execution in net.mingsoft:ms-mcms |
|
| CVE-2022-23899 |
unknown |
— |
— |
4y ago |
SQL injection in net.mingsoft:ms-mcms |
|
| CVE-2022-23898 |
unknown |
— |
— |
4y ago |
SQL injection in net.mingsoft:ms-mcms |
|
| CVE-2021-46036 |
unknown |
— |
— |
4y ago |
File upload leading to RCE in MCMS |
|
| CVE-2021-46037 |
unknown |
— |
— |
4y ago |
Path traversal in MCMS |
|
| CVE-2021-46063 |
unknown |
— |
— |
4y ago |
Server Side Template Injection in MCMS |
|
| CVE-2021-46062 |
unknown |
— |
— |
4y ago |
MCMS Arbitrary File Deletion vulnerability |
|
| CVE-2021-44868 |
unknown |
— |
— |
4y ago |
SQL injection in MCMS |
|
| CVE-2020-23262 |
unknown |
— |
— |
4y ago |
SQL injection without credentials in ming-soft MCMS |
|
| CVE-2021-46383 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS SQL injection vulnerability |
|
| CVE-2021-46386 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS vulnerable to Remote Code Execution via file upload. |
|
| CVE-2021-46385 |
unknown |
— |
— |
4y ago |
Mingsoft MCMS SQL injection vulnerability |
|
| CVE-2022-22930 |
unknown |
— |
— |
4y ago |
RCE in Mingsoft MCMS |
|
| CVE-2022-22929 |
unknown |
— |
— |
4y ago |
Arbitrary File Upload in Mingsoft MCMS |
|
| CVE-2022-23315 |
unknown |
— |
— |
4y ago |
Arbitrary file upload in Mingsoft MCMS |
|
| CVE-2018-18830 |
unknown |
— |
— |
8y ago |
Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms |
|
| CVE-2018-18831 |
unknown |
— |
— |
8y ago |
Path Traversal in minsoft:ms-mcms |
|