GCVE - cpe:2.3:a:n/a:mccms:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:mccms:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Mccms (`4ec4650e-6c02-5be1-b752-bcfcb4846f07`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-5029`	vulnerable	2026-06-08 06:19:40.729113	mccms 1 sql injection MEDIUM (5.5) A vulnerability, which was classified as critical, was found in mccms 2.6. This affects an unknown part of the file /category/order/hits/copyright/46/finish/1/list/1. The manipulation with the input '"1 leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239871. Published: 2023-09-17T21:31:04.605Z Updated: 2024-09-25T14:06:10.813Z Open on db.gcve.eu Reference links https://vuldb.com/?id.239871 https://vuldb.com/?ctiid.239871 https://github.com/1541284314/cve/blob/main/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-3236`	vulnerable	2026-06-08 06:09:38.907214	mccms Comic.php pic_save server-side request forgery MEDIUM (6.3) A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function pic_save of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231507. Published: 2023-06-14T07:00:06.331Z Updated: 2024-08-02T06:48:08.195Z Open on db.gcve.eu Reference links https://vuldb.com/?id.231507 https://vuldb.com/?ctiid.231507 https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%202.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-3235`	vulnerable	2026-06-08 06:09:38.905836	mccms Comic.php pic_api server-side request forgery MEDIUM (6.3) A vulnerability was found in mccms up to 2.6.5. It has been rated as critical. Affected by this issue is the function pic_api of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-231506 is the identifier assigned to this vulnerability. Published: 2023-06-14T07:00:04.704Z Updated: 2024-08-02T06:48:08.197Z Open on db.gcve.eu Reference links https://vuldb.com/?id.231506 https://vuldb.com/?ctiid.231506 https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%201.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.