CNNVD-202510-1421 Information

CNNVD ID

CNNVD-202510-1421

Related CVE

CVE-2025-60838

• CNNVD Published: 2025-10-10

Description (Chinese)

MingSoft MCMS是中国铭飞（MingSoft）公司的一个完整开源的 J2ee 系统。 MingSoft MCMS v6.0.1版本存在安全漏洞，该漏洞源于允许上传特制文件，可能导致执行任意代码。

Description (English)

MingSoft MCMS is a complete open-source J2ee system for MinSoft. MingSoft MMCMS v.6.01 has a security loophole, which stems from allowing the uploading of unique files, which may lead to the enforcement of arbitrary codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

铭飞

Published

2025-10-10

Last Modified

2026-02-24

References

http://mcms.com https://gist.github.com/xuzhiwei66666666/8a990104861ce31cf73ea38e7eb32a7d https://gitee.com/mingSoft/MCMS