CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attac...

8.8CVSS8.7AI score0.00068EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:57 a.m.•1 views

CVE-2024-13139

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The atta...

8.8CVSS8.7AI score0.00097EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:57 a.m.•4 views

CVE-2024-13137

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the...

5.4CVSS5.2AI score0.00114EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 6:57 a.m.•5 views

CVE-2024-13136

A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...

9.8CVSS9.4AI score0.00128EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:44 p.m.•4 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

7.5CVSS7.4AI score0.00243EPSS

Exploits1References1

RedhatCVE•added 2025/03/06 2:44 a.m.•7 views

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1...

9.8CVSS8.1AI score0.00153EPSS

Exploits0References1

OSV•added 2025/03/04 9:15 p.m.•0 views

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1...

9.8CVSS5.8AI score0.00153EPSS

Exploits0References1

NVD•added 2025/03/04 9:15 p.m.•4 views

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1...

9.8CVSS0.00153EPSS

Exploits0References1

Vulnrichment•added 2025/03/04 12:0 a.m.•3 views

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1...

8.1AI score0.00153EPSS

Exploits0References1

Positive Technologies•added 2025/03/04 12:0 a.m.•2 views

PT-2025-9710 · Unknown · Mysiteforme

Name of the Vulnerable Software and Affected Versions: mysiteforme versions prior to 2025.01.1 Description: A SQL injection issue exists. Recommendations: For versions prior to 2025.01.1, update to version 2025.01.1 or later to resolve the issue...

9.8CVSS7.4AI score0.00153EPSS

Exploits0References6

CNNVD•added 2025/03/04 12:0 a.m.•2 views

mysiteforme SQL注入漏洞

mysiteforme is a privilege management system for wangl1989 individual developers. A security vulnerability exists in versions of mysiteforme prior to 2025.01.1, which stems from the presence of a SQL injection issue...

9.8CVSS7.7AI score0.00153EPSS

Exploits0References2

Cvelist•added 2025/03/04 12:0 a.m.•5 views

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1...

0.00153EPSS

Exploits0References1

CVE•added 2025/03/04 12:0 a.m.•41 views

CVE-2025-26136

CVE-2025-26136 is a SQL injection vulnerability in mysiteforme versions prior to 2025.01.1. The NVD entry shows a CVSS 3.1 base score of 9.8 (CRITICAL) with NETWORK attack vector, LOW attack complexity, no privileges, and no user interaction required, affecting confidentiality, integrity, and ava...

9.8CVSS8.1AI score0.00153EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/01/14 12:0 a.m.•0 views

Mysiteforme 安全漏洞

Mysiteforme is a permissions management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from the inclusion of a fastjson deserialization vulnerability discovered via the component system/table/add...

9.1CVSS6.8AI score0.00407EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by