VYPR

Mrcms

by Mrcms

CVEs (23)

  • CVE-2024-25428Feb 20, 2024
    risk 0.00cvss epss 0.00

    SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter.

  • CVE-2024-24161Feb 2, 2024
    risk 0.00cvss epss 0.01

    MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered.

  • CVE-2024-24160Feb 2, 2024
    risk 0.00cvss epss 0.00

    MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do.

Page 2 of 2