Lucene search
K

5 matches found

OSV
OSV
added 2025/05/17 6:0 a.m.8 views

CVE-2025-4819 y_project RuoYi Offline Logout batchForceLogout improper authorization

A vulnerability classified as problematic has been found in yproject RuoYi 4.8.0. Affected is an unknown function of the file /monitor/online/batchForceLogout of the component Offline Logout. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack...

2.3CVSS4.3AI score0.00369EPSS
Exploits1References6
CVE
CVE
added 2025/05/17 6:0 a.m.44 views

CVE-2025-4819

CVE-2025-4819 affects y_project Ruoyi 4.8.0, targeting the /monitor/online/batchForceLogout path in the Offline Logout component. The issue arises from manipulation of the ids argument, leading to improper authorization and enabling a remote attack. The exploit is described as high complexity, bu...

3.1CVSS7.2AI score0.00369EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2025/04/07 4:15 p.m.18 views

CVE-2025-28401

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter...

6.7CVSS0.00334EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.6 views

PT-2025-15243 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the jobId parameter. Recommendations: For RUoYi version 4.8.0, consider restricting access to the jobId parameter to minimize the risk of...

9.8CVSS6.5AI score0.00614EPSS
Exploits1References9
Cvelist
Cvelist
added 2025/04/07 12:0 a.m.24 views

CVE-2025-28401

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the menuId parameter...

0.00334EPSS
Exploits1References1
Rows per page
Query Builder