Shodan
Vulnerabilities
Vulnerable Software
Mingsoft:  >> Mcms  >> 5.5.0  Security Vulnerabilities
CVE-2025-60837
A reflected cross-site scripting (XSS) vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-23
CVE-2025-56316
A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-17
CVE-2025-60838
An arbitrary file upload vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary code via uploading a crafted file.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved