Product:

Mysiteforme

(Wangl1989)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 5
Date Id Summary Products Score Patch Annotated
2025-03-04 CVE-2025-26136 A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1. Mysiteforme N/A
2025-01-05 CVE-2024-13136 A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Mysiteforme 9.8
2025-01-05 CVE-2024-13137 A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Mysiteforme 5.4
2025-01-05 CVE-2024-13138 A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Mysiteforme 8.8
2025-01-05 CVE-2024-13139 A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Mysiteforme 8.8