DNA View

High Severity Vulnerability

This vulnerability has been rated as High severity. Immediate action is recommended.

CVE-2026-6562

High

Low Medium High Critical

7.3

CVSS Score

Published: Apr 19, 2026

Last Modified: Apr 19, 2026

CWE: CWE-74

Vulnerability Description

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

References & Resources

Severity Details

7.3

out of 10.0

High

Weakness Type (CWE)

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Description: The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when…
Exploit Likelihood: High
Typical Severity: Medium
Abstraction Level: Class