{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6562", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-18T16:00:40.218Z", "datePublished": "2026-04-19T08:15:11.633Z", "dateUpdated": "2026-04-19T08:15:11.633Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-19T08:15:11.633Z"}, "title": "dameng100 muucmf index.html getListByPage sql injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "SQL Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "dameng100", "product": "muucmf", "versions": [{"version": "1.9.5.20260309", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-18T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-18T18:05:44.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "thinhnee (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/358199", "name": "VDB-358199 | dameng100 muucmf index.html getListByPage sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358199/cti", "name": "VDB-358199 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/789501", "name": "Submit #789501 | dameng100 MuuCmf T6 cms 1.9.5.20260309 SQL Injection", "tags": ["third-party-advisory"]}, {"url": "https://thinhneee.github.io/posts/muucmf-sqli/", "tags": ["exploit"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6562", "lastModified": "2026-04-19T09:16:10.100", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-19T09:16:10.100", "references": [{"source": "cna@vuldb.com", "url": "https://thinhneee.github.io/posts/muucmf-sqli/"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/789501"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358199"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358199/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-19T09:20:54.309928+00:00", "value": {"mitigation_remediation": ["Validate and sanitize the keyword argument to getListByPage, using parameterized queries or prepared statements to eliminate SQL injection possibilities.", "Apply or upgrade to a vendor-patched version of dameng100 muucmf; if no patch exists, consider upgrading to the latest release or replacing the component.", "Restrict external access to the Search endpoint by implementing firewall rules or network segmentation, and disable the endpoint if it is not required for business operations."], "summary": {"action": "Patch ASAP", "impact": "Remote SQL Injection"}, "threat_synthesis": {"affected_systems": "Dameng100 muucmf 1.9.5.20260309 is the only version explicitly listed as affected. The vulnerable component is the getListByPage function accessed via the web interface at /index/Search/index.html.", "description_and_impact": "A flaw in dameng100 muucmf 1.9.5.20260309 allows an attacker to inject arbitrary SQL through the keyword argument of the getListByPage function in /index/Search/index.html. The vulnerability is a classic SQL injection (CWE-89) and may also involve improper neutralization of special elements (CWE-74). An unauthenticated attacker can supply a crafted value and potentially read, modify or delete data in the backend database, compromising confidentiality and integrity.", "risk_and_exploitability": "The CVSS base score of 6.9 indicates moderate impact, but an exploit has already been published and may be used by remote attackers. The EPSS score is not available, and the vulnerability is not listed in CISA\u2019s KEV catalog. Attackers can exploit the flaw remotely by sending a malicious keyword parameter to the getListByPage endpoint; no special privileges are required, making the risk broader for exposed systems."}}}}, "created": "2026-04-19T09:30:23.185008+00:00", "updated": "2026-04-19T09:30:23.185022+00:00", "vendors": []}