wanglingxiao

6 exploits Active since Jan 2025
CVE-2024-57767 GITEE HIGH java
wangl1989/mysiteforme < 2025-01-01 - Server-Side Request Forgery via /file/download
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.
704 stars
CVSS 8.6
CVE-2024-57766 GITEE CRITICAL java
wangl1989/mysiteforme < 2025-01-01 - Deserialization of Untrusted Data via system/table/editField
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField.
704 stars
CVSS 9.1
CVE-2024-57765 GITEE HIGH java
wangl1989/mysiteforme < 2025-01-01 - SQL Injection via s_name Parameter
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.
704 stars
CVSS 7.5
CVE-2024-57764 GITEE CRITICAL java
wangl1989/mysiteforme < 2025-01-01 - Remote Code Execution via Fastjson Deserialization in Table Add Component
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/add.
704 stars
CVSS 9.1
CVE-2024-57763 GITEE CRITICAL java
wangl1989/mysiteforme < 2025-01-01 - Deserialization of Untrusted Data via system/table/addField
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField.
704 stars
CVSS 9.1
CVE-2024-57762 GITEE HIGH java
wangl1989/mysiteforme < 2025-01-01 - Deserialization of Untrusted Data via pom.xml Configuration File
MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file.
704 stars
CVSS 7.5