2021-01-22 15:35:58
mitre
PUBLISHED
An issue was discovered in ming-soft MCMS v5.0, where a malicious user can exploit SQL injection without logging in through /mcms/view.do.