Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mingSoft MCMS Template Archive uploadTemplate.do unrestricted upload
Vulnerability Description
A flaw has been found in mingSoft MCMS 6.1.1. The affected element is an unknown function of the file /ms/file/uploadTemplate.do of the component Template Archive Handler. Executing a manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
MingSoft MCMS 安全漏洞
Vulnerability Description
MingSoft MCMS是中国MingSoft公司的一个模块化内容管理框架。 MingSoft MCMS 6.1.1版本存在安全漏洞,该漏洞源于对文件/ms/file/uploadTemplate.do中参数File的错误操作,可能导致任意文件上传。
CVSS Information
N/A
Vulnerability Type
N/A