Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNNVD
CNNVDadded 2025/03/04 12:0 a.m.5 views

mysiteforme SQL注入漏洞

mysiteforme is a privilege management system for wangl1989 individual developers. A security vulnerability exists in versions of mysiteforme prior to 2025.01.1, which stems from the presence of a SQL injection issue...

9.8CVSS7.7AI score0.00366EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/01/14 12:0 a.m.2 views

Mysiteforme 安全漏洞

Mysiteforme is a permissions management system for wangl1989 individual developers. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01, which stems from a discovery via the component /file/download that contains a server-side request forgery vulnerability...

8.6CVSS6.7AI score0.00423EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2025/01/05 11:0 a.m.7 views

CVE-2024-13139 wangl1989 mysiteforme FileController doContent server-side request forgery

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The atta...

6.5CVSS6.5AI score0.00535EPSS
Exploits1References5
Cvelist
Cvelistadded 2025/01/05 11:0 a.m.21 views

CVE-2024-13139 wangl1989 mysiteforme FileController doContent server-side request forgery

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The atta...

6.5CVSS0.00535EPSS
Exploits1References5
CVE
CVEadded 2025/01/05 10:31 a.m.53 views

CVE-2024-13138

CVE-2024-13138 affects wangl1989 mysiteforme 1.0, specifically the file upload logic in LocalUploadServiceImpl (src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl). The root cause is manipulation of the argument named test, enabling unrestricted file upload. The issue is exploi...

8.8CVSS7.2AI score0.00421EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2025/01/05 10:31 a.m.27 views

CVE-2024-13138 wangl1989 mysiteforme LocalUploadServiceImpl upload unrestricted upload

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attac...

5.8CVSS0.00421EPSS
Exploits1References5
CVE
CVEadded 2025/01/05 9:0 a.m.45 views

CVE-2024-13136

Summary (CVE-2024-13136): A deserialization vulnerability affecting the RememberMeManager in wangl1989 mysiteforme 1.0, located at src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The issue is triggered via the RememberMeManager component and can be exploited remotely. The exploit has...

9.8CVSS6.4AI score0.00579EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder