CVE-2024-57521

SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java...

PT-2025-52769

Name of the Vulnerable Software and Affected Versions RuoYi versions prior to 4.7.9 Description A SQL Injection issue exists in RuoYi versions prior to 4.7.9. This allows a remote attacker to execute arbitrary code through the createTable function located in SqlUtil.java. The vulnerability is...

CVE-2024-57521

CVE-2024-57521 is a SQL Injection vulnerability in Ruoyi (RuoYi) Framework, affecting v4.7.9 and earlier. The flaw resides in SqlUtil.java (createTable function), allowing a remote attacker to execute arbitrary SQL/Code via crafted requests. Public evidence includes PoCs and multiple advisories a...

EUVD-2022-50827

Malicious code in bioql PyPI...

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

Exploit for CVE-2024-57521

Authenticated SQL Injection in RuoYi v4.7.9 Bypass of CVE-202...

OSV-2023-1402 Global-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384343083 Crash type: Global-buffer-overflow READ Crash state: std::1::basicstring, std::1::allocatorch XYWriteParser::createTable XYWriteParser::parseTextZone...

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

RuoYi 安全漏洞

RuoYi is a back-end management system by the individual developer of RuoYi in China. A security vulnerability exists in RuoYi v4.7.9, which is caused by a cross-site scripting XSS vulnerability in the sql parameter of the createTable function at /tool/gen/create...

CVE-2024-42900

CVE-2024-42900 affects Ruoyi v4.7.9 and earlier, where a cross-site scripting (XSS) vulnerability exists via the sql parameter to the createTable() function at /tool/gen/create. The issue is documented across multiple sources (Red Hat, NVD/NVD mirrors, CVE lists) with the same description. Affect...

PT-2024-30194 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: Ruoyi versions 4.7.9 and earlier Description: A cross-site scripting XSS issue was discovered in Ruoyi via the sql parameter of the createTable function at "/tool/gen/create". This allows for potential exploitation. Recommendations: For...

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

Sql injection

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

RuoYi SQL注入漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi versions prior to v4.7.5, which stems from a problem with the component /tool/gen/createTable, resulting in SQL injection...