Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-46386

File upload vulnerability in mingSoft MCMS through 5.2.5, allows remote attackers to execute arbitrary code via a crafted jspx webshell to net.mingsoft.basic.action.web.FileAction#upload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2021-46386
  • Mingsoft » Mcms » Version: 4.6.3
    cpe:2.3:a:mingsoft:mcms:4.6.3
  • Mingsoft » Mcms » Version: 4.6.4
    cpe:2.3:a:mingsoft:mcms:4.6.4
  • Mingsoft » Mcms » Version: 4.6.5
    cpe:2.3:a:mingsoft:mcms:4.6.5
  • Mingsoft » Mcms » Version: 4.7.0
    cpe:2.3:a:mingsoft:mcms:4.7.0
  • Mingsoft » Mcms » Version: 4.7.1
    cpe:2.3:a:mingsoft:mcms:4.7.1
  • Mingsoft » Mcms » Version: 4.7.2
    cpe:2.3:a:mingsoft:mcms:4.7.2
  • Mingsoft » Mcms » Version: 5.0
    cpe:2.3:a:mingsoft:mcms:5.0
  • Mingsoft » Mcms » Version: 5.1
    cpe:2.3:a:mingsoft:mcms:5.1
  • Mingsoft » Mcms » Version: 5.2
    cpe:2.3:a:mingsoft:mcms:5.2
  • Mingsoft » Mcms » Version: 5.2.1
    cpe:2.3:a:mingsoft:mcms:5.2.1
  • Mingsoft » Mcms » Version: 5.2.2
    cpe:2.3:a:mingsoft:mcms:5.2.2
  • Mingsoft » Mcms » Version: 5.2.3
    cpe:2.3:a:mingsoft:mcms:5.2.3
  • Mingsoft » Mcms » Version: 5.2.4
    cpe:2.3:a:mingsoft:mcms:5.2.4
  • Mingsoft » Mcms » Version: 5.2.5
    cpe:2.3:a:mingsoft:mcms:5.2.5


Products
Pricing
Contact Us

Shodan ® - All rights reserved