Lucene search
+L

68 matches found

CVE
CVE
added 2025/01/05 9:0 a.m.48 views

CVE-2024-13136

Summary (CVE-2024-13136): A deserialization vulnerability affecting the RememberMeManager in wangl1989 mysiteforme 1.0, located at src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The issue is triggered via the RememberMeManager component and can be exploited remotely. The exploit has...

9.8CVSS6.4AI score0.0059EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/01/05 9:0 a.m.22 views

CVE-2024-13136 wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization

A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...

6.5CVSS0.0059EPSS
Exploits1References5
OSV
OSV
added 2025/01/05 9:0 a.m.10 views

CVE-2024-13136 wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization

A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The...

5.3CVSS6.2AI score0.0059EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/01/05 12:0 a.m.4 views

Mysiteforme 代码问题漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the RememberMeManager function in file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java that causes deserialization...

9.8CVSS6.6AI score0.0059EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/05 12:0 a.m.3 views

Mysiteforme 代码注入漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A code injection vulnerability exists in Mysiteforme version 1.0, which originates from the RestResponse function of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController that can lead to...

5.4CVSS4.2AI score0.0033EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/05 12:0 a.m.3 views

Mysiteforme 代码问题漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the parameter content in the file src/main/java/com/mysiteform/admin/controller/system/FileController that can lead to server-side...

8.8CVSS6.5AI score0.00545EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/01/05 12:0 a.m.4 views

Mysiteforme 代码问题漏洞

Mysiteforme is a permission management system for wangl1989 individual developers. A code issue vulnerability exists in Mysiteforme version 1.0, which stems from the parameter test in the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl that can lead to unrestricted...

8.8CVSS5AI score0.00428EPSS
Exploits1References5
OSV
OSV
added 2022/05/24 3:15 a.m.6 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

7.5CVSS7.1AI score0.00865EPSS
Exploits1References1
NVD
NVD
added 2022/05/24 3:15 a.m.17 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

7.5CVSS0.00865EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/24 3:15 a.m.2 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

7.5CVSS5.9AI score0.00865EPSS
Exploits1References2
Prion
Prion
added 2022/05/24 3:15 a.m.15 views

Server side request forgery (ssrf)

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

5CVSS7.6AI score0.00865EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/05/24 2:17 a.m.67 views

CVE-2022-29309

CVE-2022-29309 affects mysiteforme v2.2.1 and is a Server-Side Request Forgery (SSRF). Evidence from PT-2022-19532 indicates the issue is related to SSRF in version 2.2.1 and currently there is no available fix/version documented. Other sources (CNNVD) describe the vulnerability as enabling spoof...

7.5CVSS7.5AI score0.00865EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/24 2:17 a.m.18 views

CVE-2022-29309

mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery...

7.8AI score0.00865EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.4 views

Mysiteforme 代码问题漏洞

Mysiteforme is a privilege management system. A security vulnerability exists in Mysiteforme version v2.2.1, which can be exploited by an attacker to spoof requests to the server side...

7.5CVSS7.4AI score0.00865EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/24 12:0 a.m.4 views

PT-2022-19532 · Unknown · Mysiteforme

Name of the Vulnerable Software and Affected Versions: mysiteforme version 2.2.1 Description: The issue is related to a Server-Side Request Forgery. Recommendations: For mysiteforme version 2.2.1, at the moment, there is no information about a newer version that contains a fix for this issue...

7.5CVSS6.9AI score0.00865EPSS
Exploits1References5
CNVD
CNVD
added 2022/01/23 12:0 a.m.34 views

mysiteforme cross-site scripting vulnerability

Mysiteforme is a permission management system. mysiteforme suffers from a cross-site scripting vulnerability that stems from the lack of user-supplied data and output data validation filtering in the blog tagging function of the backend blog management. An attacker could exploit the vulnerability...

5.4CVSS3AI score0.00441EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/23 12:0 a.m.33 views

mysiteforme Cross-Site Request Forgery Vulnerability

Mysiteforme is a permission management system. A cross-site request forgery vulnerability exists in mysiteforme, which stems from a lack of validation for cross-site request forgery in the backend blog administration. An attacker could use a forged malicious request to trick a victim into clickin...

6.5CVSS6.4AI score0.00416EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/01/20 12:15 a.m.5 views

CVE-2021-46026

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

5.4CVSS5.9AI score0.00441EPSS
Exploits1References2
NVD
NVD
added 2022/01/20 12:15 a.m.17 views

CVE-2021-46026

mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting XSS via the add blog tag function in the blog tag in the background blog management...

5.4CVSS0.00441EPSS
Exploits1References1
NVD
NVD
added 2022/01/19 11:15 p.m.20 views

CVE-2021-46027

mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, a blog tag will be added...

6.5CVSS0.00416EPSS
Exploits1References1
Rows per page
Query Builder