CVE-2024-57762

High CVSS: 7.5

MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml configuration file.

Vendor

Product

CWE

Yayın Tarihi

2025-01-15 00:15:33

Güncelleme

2025-04-10 15:38:17

Source Identifier

cve@mitre.org

KEV Date Added

CWE-502 Mysiteforme HIGH Wangl1989 2025

https://gitee.com/wanglingxiao/mysiteforme/issues/IBFVAT

Critical

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.

Critical

CVE-2024-57763

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

Critical

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

High

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.

Critical

CVE-2024-57766

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

High

CVE-2024-57767

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.