Skip to main content

Muucmf CVE-2026-6562

| EUVDEUVD-2026-23688 MEDIUM
SQL Injection (CWE-89)
2026-04-19 VulDB GHSA-7786-mqff-chgr
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

8
CVSS changed
Apr 29, 2026 - 01:12 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Apr 29, 2026 - 01:00 vuln.today
Public exploit code
Severity Changed
Apr 19, 2026 - 09:22 NVD
HIGH MEDIUM
CVSS changed
Apr 19, 2026 - 09:22 NVD
7.3 (HIGH) 6.9 (MEDIUM)
Analysis Generated
Apr 19, 2026 - 08:48 vuln.today
EUVD ID Assigned
Apr 19, 2026 - 08:45 euvd
EUVD-2026-23688
Analysis Generated
Apr 19, 2026 - 08:45 vuln.today
CVE Published
Apr 19, 2026 - 08:15 nvd
MEDIUM 5.5

DescriptionCVE.org

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

SQL injection in dameng100 muucmf 1.9.5.20260309 allows remote unauthenticated attackers to compromise database confidentiality, integrity, and availability via the 'keyword' parameter in /index/Search/index.html. Public exploit code is available (thinhneee.github.io), increasing immediate exploitation risk. EPSS and KEV data not available, but CVSS 7.3 with network attack vector (AV:N), low complexity (AC:L), and no authentication required (PR:N) indicate high accessibility. Vendor (dameng100) has not responded to disclosure, suggesting no official patch timeline.

Technical ContextAI

This vulnerability affects muucmf, a content management framework developed by dameng100, specifically version 1.9.5.20260309. The root cause is CWE-89 (SQL Injection), a class of input validation failures where user-supplied data is incorporated into SQL queries without proper sanitization or parameterization. The vulnerable component is the getListByPage function within the search module (/index/Search/index.html), which processes the 'keyword' parameter. When this parameter contains malicious SQL syntax, the application executes the attacker-controlled SQL code directly against the backend database. SQL injection vulnerabilities typically arise from concatenating user input into dynamic SQL queries rather than using prepared statements or parameterized queries. The CPE identifier (cpe:2.3:a:dameng100:muucmf:*:*:*:*:*:*:*:*) indicates this is a vendor application rather than a widely-distributed third-party library, limiting the overall exposure to organizations specifically using this Chinese-developed CMS framework.

RemediationAI

No vendor-released patch has been identified at time of analysis, as dameng100 did not respond to coordinated disclosure attempts per VulDB submission 789501. Organizations currently running muucmf 1.9.5.20260309 should implement immediate compensating controls. Primary mitigation: disable or restrict access to the /index/Search/index.html endpoint through web application firewall (WAF) rules or web server configuration (e.g., Apache/Nginx location blocks) until a patch becomes available - note this will break search functionality for legitimate users. Secondary mitigation: implement input validation at the network perimeter using WAF rules to block SQL metacharacters (quotes, semicolons, UNION, SELECT keywords) in the 'keyword' parameter, though sophisticated attackers may bypass signature-based filtering using encoding or fragmentation techniques. Tertiary option: conduct manual code review of the getListByPage function and implement parameterized queries or prepared statements if source code access and in-house PHP development expertise are available, though this creates a custom fork requiring ongoing maintenance. Organizations should monitor https://vuldb.com/vuln/358199 and dameng100's official channels for potential future patch releases, and consider migrating to actively-maintained CMS platforms with established security response processes given the vendor's silence.

Share

CVE-2026-6562 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy