CVE-2023-51282

An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mingsoft:mcms:5.2.4:*:*:*:*:*:*:*

History

23 Jan 2024, 18:08

Type Values Removed Values Added
CPE cpe:2.3:a:mingsoft:mcms:5.2.4:*:*:*:*:*:*:*
References () https://gitee.com/mingSoft/MCMS/issues/I4Q4NV - () https://gitee.com/mingSoft/MCMS/issues/I4Q4NV - Product
References () https://github.com/tanalala/CVE/blob/main/Code.md - () https://github.com/tanalala/CVE/blob/main/Code.md - Exploit, Third Party Advisory
CWE CWE-94
First Time Mingsoft
Mingsoft mcms
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

16 Jan 2024, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-16 02:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-51282

Mitre link : CVE-2023-51282

CVE.ORG link : CVE-2023-51282


JSON object : View

Products Affected

mingsoft

  • mcms
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')