Lucene search
GoogleOSV:GHSA-HX8P-9M48-G76RHistoryApr 04, 2023 - 3:30 p.m.
Ming-Soft MCMS vulnerable to SQL injection
2023-04-0415:30:27
Google
osv.dev
6
ming-soft
sql injection
remote attacker
arbitrary code
vulnerability
software
version 4.7.2
version 5.1
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
54.9%
SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basic_title parameter. This issue is resolved in v5.1.
Related
nvd
nvd
CVE-2020-20913
2023-04-04 15:15:08
prion
prion
Sql injection
2023-04-04 15:15:00
github
github
Ming-Soft MCMS vulnerable to SQL injection
2023-04-04 15:30:27
veracode
veracode
SQL Injection
2023-04-27 08:45:44
cvelist
cvelist
CVE-2020-20913
2023-04-04 00:00:00
cve
cve
CVE-2020-20913
2023-04-04 15:15:08
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
54.9%
Related for OSV:GHSA-HX8P-9M48-G76R