CVE-2023-5029

Name of the Vulnerable Software and Affected Versions mccms version 2.6

Description A critical issue was found in the software, affecting an unknown part of the file /category/order/hits/copyright/46/finish/1/list/1. The issue can be exploited through SQL injection by manipulating the input with "1.

Recommendations For mccms version 2.6, consider restricting access to the affected file path /category/order/hits/copyright/46/finish/1/list/1 to minimize the risk of exploitation. Avoid using user-supplied input in SQL queries until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.