📦 Mysiteforme

A SQL injection vulnerability in mysiteforme allows attackers to execute arbitrary SQL commands on the database. This affects all mysiteforme installations running versions before 2025.01.1, potential...

This CVE describes a fastjson deserialization vulnerability in MSFM that allows remote code execution by sending malicious payloads to the system/table/addField endpoint. Attackers can exploit this to...

This vulnerability allows remote code execution through fastjson deserialization in MSFM's table editing component. Attackers can exploit this to execute arbitrary code on affected systems. All system...

This SQL injection vulnerability in MSFM allows attackers to execute arbitrary SQL commands through the s_name parameter in the table/list functionality. Attackers could potentially read, modify, or d...

MSFM before version 2025.01.01 contains a deserialization vulnerability in its pom.xml configuration file that could allow remote code execution. This affects systems running vulnerable versions of MS...

This vulnerability allows remote attackers to upload arbitrary files without restrictions in wangl1989 mysiteforme 1.0. Attackers can exploit this to upload malicious files like webshells or malware. ...

This vulnerability allows remote attackers to execute arbitrary code through insecure deserialization in the rememberMeManager function of mysiteforme 1.0. Attackers can exploit this to gain unauthori...