Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2020-18132
Disclosure Date: May 08, 2023 (last updated October 08, 2023)
Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit.
0
Attacker Value
Unknown
CVE-2022-40784
Disclosure Date: September 26, 2022 (last updated October 08, 2023)
Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406.
0
Attacker Value
Unknown
CVE-2022-40785
Disclosure Date: September 26, 2022 (last updated October 08, 2023)
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app.
0
Attacker Value
Unknown
CVE-2020-19264
Disclosure Date: September 09, 2021 (last updated February 23, 2025)
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd.
0
Attacker Value
Unknown
CVE-2020-19263
Disclosure Date: September 09, 2021 (last updated February 23, 2025)
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit.
0
Attacker Value
Unknown
CVE-2020-20582
Disclosure Date: July 08, 2021 (last updated February 23, 2025)
A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1 allows attackers to access sensitive information.
0
