Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

NVD
NVDadded 2025/01/15 12:15 a.m.13 views

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...

7.5CVSS0.00283EPSS
Exploits1References1
OSV
OSVadded 2025/01/15 12:15 a.m.3 views

CVE-2024-57766

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField...

9.1CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2025/01/15 12:15 a.m.7 views

CVE-2024-57767

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery SSRF via the component /file/download...

8.6CVSS0.00345EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/01/14 12:0 a.m.7 views

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add...

7.1AI score0.00407EPSS
Exploits1References1
CVE
CVEadded 2025/01/14 12:0 a.m.45 views

CVE-2024-57767

CVE-2024-57767 affects MSFM prior to 2025.01.01 and describes a Server-Side Request Forgery (SSRF) via the "/file/download" component. The root cause is an SSRF vulnerability in the file-download functionality, enabling an attacker to access internal resources through the affected module. The CVS...

8.6CVSS7.5AI score0.00345EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2025/01/14 12:0 a.m.46 views

CVE-2024-57766

CVE-2024-57766 affects MSFM prior to 2025-01-01, with a fastjson deserialization vulnerability in the component system/table/editField. The CVSS v3.1 base score is 9.1 (CRITICAL): Network attack, no user interaction, no privileges required, with high confidentiality and integrity impact. Document...

9.1CVSS7.5AI score0.00407EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/01/14 12:0 a.m.4 views

CVE-2024-57767

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery SSRF via the component /file/download...

8.7AI score0.00345EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/01/14 12:0 a.m.6 views

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...

7.9AI score0.00283EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/01/14 12:0 a.m.2 views

PT-2025-3561 · Msfm · Msfm

Name of the Vulnerable Software and Affected Versions: MSFM versions prior to v2025.01.01 Description: The issue is related to a Server-Side Request Forgery SSRF in MSFM, which occurs via the /file/download component. This allows for unauthorized access to internal resources. Recommendations: For...

8.6CVSS6.3AI score0.00345EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2025/01/14 12:0 a.m.3 views

CVE-2024-57763

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField...

7.1AI score0.00351EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/01/14 12:0 a.m.6 views

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the sname parameter at table/list...

0.00283EPSS
Exploits1References1
Rows per page
Query Builder