VYPR

MSFM

by MSFM

CVEs (6)

  • CVE-2024-57766CriJan 15, 2025
    risk 0.59cvss 9.1epss 0.00

    MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField.

  • CVE-2024-57764CriJan 15, 2025
    risk 0.59cvss 9.1epss 0.00

    MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add.

  • CVE-2024-57763CriJan 15, 2025
    risk 0.59cvss 9.1epss 0.00

    MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField.

  • CVE-2024-57767HigJan 15, 2025
    risk 0.56cvss 8.6epss 0.00

    MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.

  • CVE-2024-57765HigJan 15, 2025
    risk 0.49cvss 7.5epss 0.00

    MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.

  • CVE-2024-57762HigJan 15, 2025
    risk 0.49cvss 7.5epss 0.00

    MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file.