pkg:Maven/net.mingsoft:ms-mcms

All known vulnerabilities

• CRITICAL9.8CVE-2025-56316MCMS vulnerable SQL injection via the content_title parameter
  >= 5.5.0, < 6.0.2
• CRITICAL9.8CVE-2025-29287MCMS allows arbitrary file uploads in the ueditor component
  from 0, < 5.4.4
• CRITICAL9.8Ming-Soft MCMS vulnerable to SQL injection
  from 0, < 5.1
• CRITICAL9.8Mingsoft MCMS vulnerable to SQL Injection
  from 0, < 5.2.10
• CRITICAL9.8Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
  from 0, <= 5.2.8
• CRITICAL9.8Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
  from 0, <= 5.2.8
• CRITICAL9.8Unrestricted Upload of File with Dangerous Type in MCMS
• CRITICAL9.8Code injection in MCMS
  from 0, <= 5.2.7
• CRITICAL9.8Remote code execution in net.mingsoft:ms-mcms
  from 0, < 5.2.6
• CRITICAL9.8SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.5
• CRITICAL9.8SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.5
• CRITICAL9.8File upload leading to RCE in MCMS
  from 0, <= 5.2.4
• CRITICAL9.8SQL injection in MCMS
  from 0, <= 5.1
• CRITICAL9.8SQL injection without credentials in ming-soft MCMS
  from 0, < 5.1
• CRITICAL9.8Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
  from 0, <= 5.2.5
• CRITICAL9.8Arbitrary File Upload in Mingsoft MCMS
  from 0, <= 5.2.4
• CRITICAL9.8RCE in Mingsoft MCMS
  from 0, < 5.2.9
• CRITICAL9.8Arbitrary file upload in Mingsoft MCMS
  from 0, <= 5.2.4
• CRITICAL9.8Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms
  from 0, <= 4.6.5
• CRITICAL9.1Server Side Template Injection in MCMS
  from 0, <= 5.2.5
• HIGH8.8mingSoft MCMS File Upload vulnerability
  from 0, <= 5.3.5
• HIGH8.8Mingsoft MCMS SQL injection
  from 0, <= 5.2.9
• HIGH8.8MCMS vulnerable to arbitrary code execution via crafted thumbnail
  from 0, <= 5.0.0
• HIGH8.8Arbitrary file write in net.mingsoft:ms-mcms
  from 0, < 5.2.11
• HIGH8.8Cross Site Request Forgery in Mingsoft MCMS
  from 0, <= 5.2.7
• HIGH8.8Mingsoft MCMS CSRF vulnerability
  from 0, <= 4.6.5
• HIGH8.8Cross Site Request Forgery in Mingsoft MCMS
  from 0, <= 5.2.7
• HIGH8.1Path traversal in MCMS
  from 0, <= 5.2.4
• HIGH7.5Code injection in mingSoft MCMS
  from 0, <= 5.2.4
• HIGH7.5Mingsoft MCMS SQL injection vulnerability
  from 0, < 5.2.6
• HIGH7.5Mingsoft MCMS SQL injection vulnerability
  from 0, <= 5.2.5
• HIGH7.5Path Traversal in minsoft:ms-mcms
  from 0, <= 4.6.5
• HIGH7.1MCMS Arbitrary File Deletion vulnerability
  from 0, < 5.2.11
• MEDIUM6.1MCMS reflected cross-site scripting (XSS) vulnerability
  from 0, <= 6.0.1
• MEDIUM5.4Mingsoft MCMS Cross-site Scripting vulnerability
  from 0, <= 5.2.9
• MEDIUM4.7mingSoft MCMS does not properly restrict file uploads
  from 0, <= 6.1.1
• LOW3.5Cross-site Scripting in Mingsoft MCMS
  from 0, < 5.3.2
• —Mingsoft MCMS vulnerable to Cross-site Scripting
  from 0, <= 5.2.8
• —SQL injection in net.mingsoft:ms-mcms
  from 0, <= 5.2.7