CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

EUVD-2025-208233

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-70821

The CVE-2025-70821 entry affects Renren-security (renren-security) prior to v5.5.0. Affected component: BaseServiceImpl.java, where the vulnerability is a SQL injection flaw likely arising from unsafe SQL construction. Impact is described as high/critical (CVSS 3.1: 9.8; Network attack, no privil...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

renren-security 安全漏洞

Renren-security is a lightweight, front-end-independent Java rapid development platform open source by Renrenio. Versions of renren-security prior to v5.5.0 have security vulnerabilities; these vulnerabilities stem from the BaseServiceImpl.java component, which is vulnerable to SQL injection...

PT-2026-22738

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

EUVD-2025-10063

Malicious code in bioql PyPI...

CVE-2025-3387

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

CVE-2025-3387

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

CVE-2025-3387

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

CVE-2025-3387 renrenio renren-security JSON cross site scripting

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

CVE-2025-3387

The CVE-2025-3387 issue affects renrenio renren-security up to version 5.4.0, specifically the JSON Handler component. Root cause is a cross-site scripting vulnerability in the JSON Handler that can be triggered remotely. Publicly disclosed exploit details exist, and the impact is limited to the ...

CVE-2025-3387 renrenio renren-security JSON cross site scripting

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

PT-2025-15306 · Renrenio · Renren-Security

Name of the Vulnerable Software and Affected Versions: renrenio renren-security versions up to 5.4.0 Description: A vulnerability has been found in renrenio renren-security, affecting an unknown part of the JSON Handler component. The manipulation leads to cross-site scripting attacks, which can ...

renren-security 代码注入漏洞

renren-security is a lightweight, front-end and back-end separated Java rapid development platform open source by renrenio. A code injection vulnerability exists in renren-security version 5.4.0 and earlier, which stems from cross-site scripting in JSON Handler...