Wangl1989 Mysiteforme

14 CVEs affecting Wangl1989 Mysiteforme. Latest disclosed: 2025-03-04. Critical: 4, High: 4.

Top CVEs affecting Wangl1989 Mysiteforme
CVESeverityScorePublishedSummary
CVE-2025-26136Critical9.82025-03-04A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.
CVE-2024-57766Critical9.12025-01-15MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField.
CVE-2024-57764Critical9.12025-01-15MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add.
CVE-2024-57763Critical9.12025-01-15MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField.
CVE-2024-57767High8.62025-01-15MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.
CVE-2024-57765High7.52025-01-15MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.
CVE-2024-57762High7.52025-01-15MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file.
CVE-2022-29309High7.52022-05-24mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.
CVE-2021-46027Medium6.52022-01-19mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a…
CVE-2024-13139Medium6.32025-01-05A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/…
CVE-2024-13136Medium6.32025-01-05A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/mai…
CVE-2021-46026Medium5.42022-01-20mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting (XSS) via the add blog tag function in the blog tag in the background blog management.
CVE-2024-13138Medium4.72025-01-05A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/j…
CVE-2024-13137Low2.42025-01-05A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java…