CVE-2023-50578

Mingsoft MCMS v5.2.9 was discovered to contain a SQL injection vulnerability via the categoryType parameter at /content/list.do.
References
Link Resource
https://gitee.com/mingSoft/MCMS/issues/I8MAJK Exploit Issue Tracking Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mingsoft:mcms:5.2.9:*:*:*:*:*:*:*

History

08 Jan 2024, 15:00

Type Values Removed Values Added
First Time Mingsoft
Mingsoft mcms
References () https://gitee.com/mingSoft/MCMS/issues/I8MAJK - () https://gitee.com/mingSoft/MCMS/issues/I8MAJK - Exploit, Issue Tracking, Vendor Advisory
CPE cpe:2.3:a:mingsoft:mcms:5.2.9:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-89

30 Dec 2023, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-30 16:15

Updated : 2024-09-09 21:35


NVD link : CVE-2023-50578

Mitre link : CVE-2023-50578

CVE.ORG link : CVE-2023-50578


JSON object : View

Products Affected

mingsoft

  • mcms
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')