Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

44 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-25749

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00068EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-27619

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00061EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-25756

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.0019EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-25722

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00081EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-25735

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00081EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-25721

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00081EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/09/12 10:28 p.m.2 views

CVE-2025-10218

A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...

6.5CVSS6.6AI score0.00061EPSS
Exploits0References1
NVD
NVDadded 2025/09/10 10:15 p.m.2 views

CVE-2025-10218

A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...

9.8CVSS0.00061EPSS
Exploits0References4
OSV
OSVadded 2025/09/10 10:15 p.m.1 views

CVE-2025-10218

A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...

9.8CVSS6.8AI score
Exploits0References4
Cvelist
Cvelistadded 2025/09/10 9:32 p.m.6 views

CVE-2025-10218 lostvip-com ruoyi-go Background Management SysRoleDao.go SelectListPage sql injection

A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...

6.5CVSS0.00061EPSS
Exploits0References4
CVE
CVEadded 2025/09/10 9:32 p.m.10 views

CVE-2025-10218

CVE-2025-10218 affects lostvip-com ruoyi-go 2.1, specifically the SelectListPage function in modules/system/dao/SysRoleDao.go. The vulnerability arises from manipulation of the sortName argument, enabling SQL injection with remote exploitation reported as possible. Exploitation code has been publ...

9.8CVSS6.2AI score0.00061EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2025/09/10 12:0 a.m.3 views

PT-2025-37101

Name of the Vulnerable Software and Affected Versions: ruoyi-go version 2.1 Description: A flaw exists in the SelectListPage function within the SysRoleDao.go file of the Background Management Page component. Manipulation of the sortName argument can lead to SQL injection. Remote exploitation is...

6.5CVSS6.4AI score0.00061EPSS
Exploits0References7
CNNVD
CNNVDadded 2025/09/10 12:0 a.m.2 views

ruoyi-go SQL注入漏洞

ruoyi-go is a backend management system for individual developers at lostvip.com. A SQL injection vulnerability exists in ruoyi-go version 2.1, which originates from an incorrect operation of the parameter sortName in the file modules/system/dao/SysRoleDao.go in the component Background Managemen...

9.8CVSS6.9AI score0.00061EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/08/30 6:21 p.m.2 views

CVE-2025-9413

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

6.5CVSS6.4AI score0.00081EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/30 6:20 p.m.3 views

CVE-2025-9411

A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS6.5AI score0.00068EPSS
Exploits0References1
Snyk
Snykadded 2025/08/25 6:41 p.m.2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the SelectListByPage function in the DictTypeDao.go file when processing the orderByColumn and isAsc arguments. An attacker can execute arbitrary SQL commands by supplying crafted input to these parameters. Remediation...

9.8CVSS8.6AI score0.00081EPSS
Exploits0References2
NVD
NVDadded 2025/08/25 6:15 p.m.2 views

CVE-2025-9413

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

9.8CVSS0.00081EPSS
Exploits0References6
NVD
NVDadded 2025/08/25 6:15 p.m.2 views

CVE-2025-9412

A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...

9.8CVSS0.00081EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/08/25 6:2 p.m.2 views

CVE-2025-9413 lostvip-com ruoyi-go system_router.go SelectListByPage sql injection

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

6.5CVSS7.3AI score0.00081EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/08/25 6:2 p.m.7 views

CVE-2025-9413 lostvip-com ruoyi-go system_router.go SelectListByPage sql injection

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

6.5CVSS0.00081EPSS
Exploits0References6
Rows per page
Query Builder