Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MingSoft MCMS 安全漏洞
Vulnerability Description
MingSoft MCMS是中国铭飞(MingSoft)公司的一个完整开源的 J2ee 系统。 MingSoft MCMS 5.5.0版本存在安全漏洞,该漏洞源于FreeMarker模板渲染时未清理content_title参数输入,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A