Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
SQL injection in dameng100 muucmf 1.9.5.20260309 allows remote unauthenticated attackers to compromise database confidentiality, integrity, and availability via the 'keyword' parameter in /index/Search/index.html. Public exploit code is available (thinhneee.github.io), increasing immediate exploitation risk. EPSS and KEV data not available, but CVSS 7.3 with network attack vector (AV:N), low complexity (AC:L), and no authentication required (PR:N) indicate high accessibility. Vendor (dameng100) has not responded to disclosure, suggesting no official patch timeline.
Technical ContextAI
This vulnerability affects muucmf, a content management framework developed by dameng100, specifically version 1.9.5.20260309. The root cause is CWE-89 (SQL Injection), a class of input validation failures where user-supplied data is incorporated into SQL queries without proper sanitization or parameterization. The vulnerable component is the getListByPage function within the search module (/index/Search/index.html), which processes the 'keyword' parameter. When this parameter contains malicious SQL syntax, the application executes the attacker-controlled SQL code directly against the backend database. SQL injection vulnerabilities typically arise from concatenating user input into dynamic SQL queries rather than using prepared statements or parameterized queries. The CPE identifier (cpe:2.3:a:dameng100:muucmf:*:*:*:*:*:*:*:*) indicates this is a vendor application rather than a widely-distributed third-party library, limiting the overall exposure to organizations specifically using this Chinese-developed CMS framework.
RemediationAI
No vendor-released patch has been identified at time of analysis, as dameng100 did not respond to coordinated disclosure attempts per VulDB submission 789501. Organizations currently running muucmf 1.9.5.20260309 should implement immediate compensating controls. Primary mitigation: disable or restrict access to the /index/Search/index.html endpoint through web application firewall (WAF) rules or web server configuration (e.g., Apache/Nginx location blocks) until a patch becomes available - note this will break search functionality for legitimate users. Secondary mitigation: implement input validation at the network perimeter using WAF rules to block SQL metacharacters (quotes, semicolons, UNION, SELECT keywords) in the 'keyword' parameter, though sophisticated attackers may bypass signature-based filtering using encoding or fragmentation techniques. Tertiary option: conduct manual code review of the getListByPage function and implement parameterized queries or prepared statements if source code access and in-house PHP development expertise are available, though this creates a custom fork requiring ongoing maintenance. Organizations should monitor https://vuldb.com/vuln/358199 and dameng100's official channels for potential future patch releases, and consider migrating to actively-maintained CMS platforms with established security response processes given the vendor's silence.
Muucmf 1.9.5.20260309 contains a cross-site scripting (XSS) vulnerability in the /admin/extend/list.html endpoint where
A reflected cross-site scripting (XSS) vulnerability exists in dameng100 muucmf version 1.9.5.20260309 within the /admin
A stored cross-site scripting (XSS) vulnerability exists in dameng100 muucmf version 1.9.5.20260309 and potentially earl
A reflected cross-site scripting (XSS) vulnerability exists in Dameng100 MUUCMF version 1.9.5.20260309 within the Member
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23688
GHSA-7786-mqff-chgr