High severityNVD Advisory· Published Jan 26, 2022· Updated Aug 4, 2024
CVE-2021-46385
CVE-2021-46385
Description
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL Injection. The impact is: obtain sensitive information (remote). The component is: net.mingsoft.mdiy.action.FormDataAction#queryData. The attack vector is: 0 or sleep(3). ¶¶ MCMS has a sql injection vulnerability through which attacker can get sensitive information from the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.mingsoft:ms-mcmsMaven | <= 5.2.5 | — |
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-phwq-9gc4-q5c8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-46385ghsaADVISORY
- gitee.com/mingSoft/MCMS/issues/I4QZ1Kghsax_refsource_MISCWEB
- github.com/ming-soft/MCMS/issues/99ghsaWEB
News mentions
0No linked articles in our index yet.