Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven net.mingsoft:ms-mcms Security Advisories

Browse all Security Advisories for maven net.mingsoft:ms-mcms

Loading...
High
GSA_kwCzR0hTQS03cXc0LTlyNjgtMnJteM4AA5Em
mingSoft MCMS File Upload vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 10 months ago
High
GSA_kwCzR0hTQS1oNTd3LXZoMzQtZjhjd84AA4dr
Code injection in mingSoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: 10 months ago
High
GSA_kwCzR0hTQS0zdnZoLThjNjUtMzJqNM4AA4HN
Mingsoft MCMS SQL injection
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: 11 months ago
Low
GSA_kwCzR0hTQS1yeHZqLTVtdjYtajVtY84AA070
Cross-site Scripting in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: over 1 year ago
High
GSA_kwCzR0hTQS0yOTN2LTUzMjktMzZ3cM4AAzHj
MCMS vulnerable to arbitrary code execution via crafted thumbnail
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1oeDhwLTltNDgtZzc2cs4AAyiO
Ming-Soft MCMS vulnerable to SQL injection
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02NXY2LTNjOW0taG1ycM4AAxK2
Arbitrary file write in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02cnZ2LWg4ZzctNzI4d84AAwgN
Mingsoft MCMS Cross-site Scripting vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 1.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1oYzVnLXhmNjQtajQ5as4AAwOq
Mingsoft MCMS vulnerable to SQL Injection
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wNDZjLW00ajctbWp2cc4AAwNP
Mingsoft MCMS vulnerable to Cross-site Scripting
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS13M3JjLTJ3aGctdzkzNM4AAuEF
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1obWozLW1xZ3ctMmZxNs4AAuEC
Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS00ODI4LTQ3M3YtMzdnaM4AAtFM
Unrestricted Upload of File with Dangerous Type in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS02eGo5LWhwcTMtdzNxd84AArXB
Code injection in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1ncDM5LXFqNWYtNDNxds4AArW_
Cross Site Request Forgery in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS1tMjQ2LXB2MjgtNHI2Zs4AAU2r
Mingsoft MCMS CSRF vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS1nOTRwLWgyNjMtYzI2cc0_uA
Cross Site Request Forgery in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 2 years ago
High
GSA_kwCzR0hTQS1teDN4LXJtcmgtOXdmNs04yg
SQL injection in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1xd2g2LXh3ajQtOWNqZ80wQA
Remote code execution in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS05NjhjLW1tMjgtamZ3NM0wFg
SQL injection in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1wOTRxLTlxMm0tcGZoMs0v9Q
SQL injection in net.mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS1nOGo4LW1naDktcTc3cM0teg
File upload leading to RCE in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS03M3d4LXJwajMtbXg0Ns0teQ
Path traversal in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.4
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1nYzc5LWdoNGYtOWc2d80tdQ
Server Side Template Injection in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1ycHZyLW13N3ItMjV4eM0tdw
MCMS Arbitrary File Deletion vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms, net.mingsoft:ms-basic
Source: GitHub Advisory Database
Blast Radius: 7.1
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS0ycG13LWN2YzctZnJ2aM0s2A
SQL injection in MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgzaHctZzRobS03Z3I0
SQL injection without credentials in ming-soft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1xcWMyLXB2NjgtcTcyaM0mug
Mingsoft MCMS SQL injection vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1jd3g5LXJwNHctNDU0Nc0muQ
Mingsoft MCMS vulnerable to Remote Code Execution via file upload.
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
High
GSA_kwCzR0hTQS1waHdxLTlnYzQtcTVjOM0msg
Mingsoft MCMS SQL injection vulnerability
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS03N2hoLXA3cjYtNjZwds0l6g
Arbitrary File Upload in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS04d3E3LWhoamotZnBxds0l6Q
RCE in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
GSA_kwCzR0hTQS1mcjV3LTk4bWMtamp2Z80l5Q
Arbitrary file upload in Mingsoft MCMS
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: almost 3 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM3YzcteG04Zy14bTM2
Unrestricted Upload of File with Dangerous Type in mingsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 3.0
Published: about 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoanAtOTdnMy1ycTkz
Path Traversal in minsoft:ms-mcms
Ecosystems: maven
Packages: net.mingsoft:ms-mcms
Source: GitHub Advisory Database
Blast Radius: 2.3
Published: about 6 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 5
Ecosystems: 12
Filter by Severity
Moderate 8,836 High 7,269 Critical 3,070 Low 1,144
Filter by Ecosystem
maven 5,864 packagist 4,634 pypi 4,352 npm 3,812 go 2,295 nuget 1,552 cargo 882 rubygems 880 swift 33 hex 32 actions 20 pub 9
Filter by Package
org.jenkins-ci.main:jenkins-core 193 org.apache.tomcat:tomcat 132 com.fasterxml.jackson.core:jackson-databind 69 org.apache.struts:struts2-core 55 org.keycloak:keycloak-core 51 com.liferay.portal:release.portal.bom 46 org.apache.tomcat.embed:tomcat-embed-core 38 org.xwiki.platform:xwiki-platform-oldcore 37 com.thoughtworks.xstream:xstream 37 org.keycloak:keycloak-services 36 org.elasticsearch:elasticsearch 36 com.jfinal:jfinal 36 net.mingsoft:ms-mcms 35 io.undertow:undertow-core 34 org.jenkins-ci.plugins:script-security 33 org.apache.solr:solr-core 25 org.keycloak:keycloak-parent 25 org.springframework.security:spring-security-core 24 org.eclipse.jetty:jetty-server 24 org.bouncycastle:bcprov-jdk14 22 org.apache.openmeetings:openmeetings-parent 21 org.apache.nifi:nifi 21 org.cloudfoundry.identity:cloudfoundry-identity-server 20 org.xwiki.platform:xwiki-platform-web-templates 19 org.springframework:spring-core 19 com.liferay.portal:release.dxp.bom 18 com.vaadin:vaadin-bom 18 org.apache.geode:geode-core 17 org.apache.activemq:activemq-client 16 org.bouncycastle:bcprov-jdk15 16 org.apache.jspwiki:jspwiki-main 16 org.apache.dubbo:dubbo 16 org.apache.struts.xwork:xwork-core 15 org.apache.tomcat:tomcat-coyote 14 org.apache.inlong:manager-pojo 14 org.xwiki.platform:xwiki-platform-web 14 org.jenkins-ci.plugins.workflow:workflow-cps 13 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 org.jeecgframework.boot:jeecg-boot-parent 12 org.apache.dolphinscheduler:dolphinscheduler 12 org.bouncycastle:bcprov-jdk15on 12 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 12 org.apache.hadoop:hadoop-common 12 org.apache.camel:camel-core 11 org.apache.cxf:cxf-core 11 org.igniterealtime.openfire:parent 11 org.apache.tika:tika-core 11 org.jenkins-ci.plugins:email-ext 11 org.apache.jspwiki:jspwiki-war 11 com.xuxueli:xxl-job 11 org.mortbay.jetty:jetty 11 org.jeecgframework.boot:jeecg-boot-common 11 org.springframework:spring-webmvc 11 org.apache.commons:commons-compress 11 org.apache.james:james-server 11 org.apache.ranger:ranger 11 org.xwiki.platform:xwiki-platform-administration-ui 10 org.springframework:spring-web 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 io.netty:netty 10 org.jboss.netty:netty 10 org.apache.tomcat:tomcat-catalina 10 org.apache.inlong:manager-service 10 org.apache.archiva:archiva 9 org.opennms:opennms 9 bootstrap 9 bootstrap 9 org.opencrx:opencrx-core-models 9 org.jenkins-ci.plugins:electricflow 9 io.jenkins:configuration-as-code 9 org.apache.linkis:linkis 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.craftercms:crafter-studio 9 org.opencms:opencms-core 9 org.jenkins-ci.plugins:config-file-provider 9 org.apache.hive:hive 9 cn.hutool:hutool-core 9 org.apache.shiro:shiro-core 9 org.bouncycastle:bcprov-jdk15to18 9 org.apache.tapestry:tapestry-core 9 org.apache.kylin:kylin 9 org.jenkins-ci.plugins:active-directory 9 twbs/bootstrap 9 org.apache.xmlgraphics:batik 9 org.webjars:bootstrap 9 bootstrap 9 org.apache.pdfbox:pdfbox 8 org.apache.hive:hive-exec 8 org.jenkins-ci.plugins:ec2 8 jquery 8 io.jenkins.blueocean:blueocean 8 mysql:mysql-connector-java 8 com.hazelcast:hazelcast 8 org.postgresql:postgresql 8 org.apache.santuario:xmlsec 8 org.apache.zeppelin:zeppelin 8 org.apache.ozone:ozone-main 8 pyspark 8 org.apache.ambari:ambari 8 org.yaml:snakeyaml 8 org.graylog2:graylog2-server 8 jquery-rails 8 org.webjars.npm:jquery 8 org.apache.tika:tika 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.jboss.resteasy:resteasy-client 7 org.jenkins-ci.plugins:rundeck 7 org.jruby:jruby-stdlib 7 org.owasp.antisamy:antisamy 7 org.apache.inlong:manager-web 7 jQuery.UI.Combined 7 jQuery 7 bootstrap.sass 7 org.apache.atlas:atlas-common 7 org.apache.derby:derby 7 org.jenkins-ci.plugins:artifactory 7 org.apache.spark:spark-core_2.11 7 bootstrap-sass 7 org.apache.hive:hive-service 7 org.webjars.npm:jquery-ui 7 org.apache.activemq:activemq-parent 7 net.opentsdb:opentsdb 7 io.dataease:dataease-plugin-common 7 jquery-ui-rails 7 jquery-ui 7 rubygems-update 7 org.apache.cxf:apache-cxf 7 org.silverpeas.core:silverpeas-core-web 7 io.jenkins.plugins:miniorange-saml-sp 7 org.jenkins-ci.plugins:jobConfigHistory 7 org.jenkins-ci.plugins:mercurial 7 io.jenkins.plugins:warnings-ng 7 org.apache.karaf:apache-karaf 7 org.jenkins-ci.plugins:subversion 7 org.apache.poi:poi 7 org.jenkins-ci.plugins:openshift-deployer 7 org.jeecgframework.boot:jeecg-boot-base 7 io.atomix:atomix 7 org.apache.logging.log4j:log4j-core 7 org.owasp.esapi:esapi 7 org.jenkins-ci.plugins:oic-auth 7 hudson.plugins:project-inheritance 6 io.netty:netty-handler 6 org.apache.shenyu:shenyu-common 6 org.apache.solr:solr-parent 6 org.apache.storm:storm-core 6 org.apache.druid:druid 6 org.apache.httpcomponents:httpclient 6 com.xebialabs.deployit.ci:deployit-plugin 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.spark:spark-core_2.10 6 org.opencastproject:opencast-kernel 6 org.apache.struts:struts2-rest-plugin 6 org.jenkins-ci.plugins:pipeline-maven 6 cn.hutool:hutool-json 6 org.bouncycastle:bcprov-jdk18on 6 org.opensearch.plugin:opensearch-security 6 axis:axis 6 org.apache.mesos:mesos 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 org.apache.axis:axis 6 org.jenkins-ci.plugins:repository-connector 6 org.jenkins-ci.plugins:fortify-on-demand-uploader 6 io.netty:netty-codec-http 6 org.apache.pulsar:pulsar-broker 6 com.jflyfox:jflyfox_jfinal 6 commons-fileupload:commons-fileupload 6 de.tum.in.ase:artemis-java-test-sandbox 6 org.jenkins-ci.plugins:ec2-deployment-dashboard 6 org.xwiki.commons:xwiki-commons-xml 6 com.google.protobuf:protobuf-java 6 tech.powerjob:powerjob 6 org.infinispan:infinispan-core 6 org.jenkins-ci.plugins:gitlab-oauth 6 org.jenkins-ci.plugins:azure-vm-agents 6 org.apache.syncope:syncope-core 6 org.jenkins-ci.plugins:matrix-project 5 io.vertx:vertx-web 5 org.jenkins-ci.plugins:aws-codecommit-trigger 5 org.jenkins-ci.plugins:sinatra-chef-builder 5 org.igniterealtime.openfire:xmppserver 5 org.jenkins-ci.plugins:scriptler 5 org.biouno:uno-choice 5 xerces:xercesImpl 5 org.jenkins-ci.plugins:codedx 5 org.apache.zookeeper:zookeeper 5 org.apache.cassandra:cassandra-all 5 org.opennms:opennms-webapp 5 com.ruoyi:ruoyi 5 org.geoserver:gs-wms 5 org.apache.kylin:kylin-server-base 5 bootstrap-sass 5 org.apache.hadoop:hadoop-client 5 ca.uhn.hapi.fhir:org.hl7.fhir.r4b 5 org.jenkins-ci.plugins:ghprb 5 org.wildfly:wildfly-parent 5 org.jenkins-ci.plugins:delphix 5 org.codehaus.jettison:jettison 5
Filter by Repository
https://github.com/ming-soft/MCMS 13 https://github.com/UDKI11/vul 1 https://github.com/tanalala/CVE 1 https://github.com/h3ak/MCMS-CVE-Request 1