CVE-2021-46385

https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ΒΆΒΆ MCMS has a sql injection vulnerability through which attacker can get sensitive information from the database.
References
Link Resource
https://gitee.com/mingSoft/MCMS/issues/I4QZ1K Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:mingsoft:mcms:*:*:*:*:*:*:*:*

Information

Published : 2022-01-26 11:15

Updated : 2022-02-04 07:43


NVD link : CVE-2021-46385

Mitre link : CVE-2021-46385


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

mingsoft

  • mcms