3 matches found
CVE-2024-13139 wangl1989 mysiteforme FileController doContent server-side request forgery
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The atta...
CVE-2024-13138 wangl1989 mysiteforme LocalUploadServiceImpl upload unrestricted upload
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attac...
CVE-2024-13136
Summary (CVE-2024-13136): A deserialization vulnerability affecting the RememberMeManager in wangl1989 mysiteforme 1.0, located at src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The issue is triggered via the RememberMeManager component and can be exploited remotely. The exploit has...