CVE-2024-13136 wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization

A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...

Mysiteforme 代码问题漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the RememberMeManager function in file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java that causes deserialization...

Deserialization of untrusted data

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file...

kvf-admin 信任管理问题漏洞

kvf-admin is a rapid development framework, scaffolding, backend management system, and permissions system for kalvinGit individual developers. kvf-admin suffers from a trust management issue vulnerability that originates from setting a fixed key in the com.kalvin.kvf.common.shiro.ShiroConfig fil...