VYPR
Vendor

Wangl1989

Products
2
CVEs
9
Across products
9
Status
Private

Products

2

Recent CVEs

9
  • CVE-2025-26136CriMar 4, 2025
    risk 0.64cvss 9.8epss 0.00

    A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.

  • CVE-2024-57767HigJan 15, 2025
    risk 0.56cvss 8.6epss 0.00

    MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.

  • CVE-2022-29309HigMay 24, 2022
    risk 0.49cvss 7.5epss 0.01

    mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.

  • CVE-2021-46027MedJan 19, 2022
    risk 0.42cvss 6.5epss 0.00

    mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the background blog management. The attacker constructs a CSRF load. Once the administrator clicks a malicious link, a blog tag will be added

  • CVE-2024-13139MedJan 5, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request…

  • CVE-2024-13136MedJan 5, 2025
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be…

  • CVE-2021-46026MedJan 20, 2022
    risk 0.35cvss 5.4epss 0.00

    mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting (XSS) via the add blog tag function in the blog tag in the background blog management.

  • CVE-2024-13138MedJan 5, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted…

  • CVE-2024-13137LowJan 5, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible…