68 matches found
CVE-2024-13136
Summary (CVE-2024-13136): A deserialization vulnerability affecting the RememberMeManager in wangl1989 mysiteforme 1.0, located at src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The issue is triggered via the RememberMeManager component and can be exploited remotely. The exploit has...
CVE-2024-13136 wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...
CVE-2024-13136 wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...
Mysiteforme 代码问题漏洞
Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the RememberMeManager function in file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java that causes deserialization...
Mysiteforme 代码注入漏洞
Mysiteforme is a permission management system for wangl1989 individual developers. A code injection vulnerability exists in Mysiteforme version 1.0, which originates from the RestResponse function of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController that can lead to...
Mysiteforme 代码问题漏洞
Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the parameter content in the file src/main/java/com/mysiteform/admin/controller/system/FileController that can lead to server-side...
Mysiteforme 代码问题漏洞
Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the parameter test in the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl that can lead to unrestricted...
CVE-2022-29309
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...
CVE-2022-29309
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...
CVE-2022-29309
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...
Server side request forgery (ssrf)
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...
CVE-2022-29309
CVE-2022-29309 affects mysiteforme v2.2.1 and is a Server-Side Request Forgery (SSRF). Evidence from PT-2022-19532 indicates the issue is related to SSRF in version 2.2.1 and currently there is no available fix/version documented. Other sources (CNNVD) describe the vulnerability as enabling spoof...
CVE-2022-29309
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...
Mysiteforme 代码问题漏洞
Mysiteforme is a privilege management system. A security vulnerability exists in Mysiteforme version v2.2.1, which can be exploited by an attacker to spoof requests to the server side...
PT-2022-19532 · Unknown · Mysiteforme
Name of the Vulnerable Software and Affected Versions: mysiteforme version 2.2.1 Description: The issue is related to a Server-Side Request Forgery. Recommendations: For mysiteforme version 2.2.1, at the moment, there is no information about a newer version that contains a fix for this issue...
mysiteforme cross-site scripting vulnerability
Mysiteforme is a permission management system. mysiteforme suffers from a cross-site scripting vulnerability that stems from the lack of user-supplied data and output data validation filtering in the blog tagging function of the backend blog management. An attacker could exploit the vulnerability...
mysiteforme Cross-Site Request Forgery Vulnerability
Mysiteforme is a permission management system. A cross-site request forgery vulnerability exists in mysiteforme, which stems from a lack of validation for cross-site request forgery in the backend blog administration. An attacker could use a forged malicious request to trick a victim into clickin...
CVE-2021-46026
mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...
CVE-2021-46026
mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...
CVE-2021-46027
mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, a blog tag will be added...