Lucene search
+L

20 matches found

euvd
euvd
added 2026/06/15 9:30 p.m.18 views

EUVD-2026-36758

RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information...

5.8AI score0.00393EPSS
Exploits1References2
cvelist
cvelist
added 2026/06/15 12:0 a.m.36 views

CVE-2026-38812

RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information...

0.00393EPSS
Exploits1References1
nvd
nvd
added 2025/12/23 5:15 p.m.5 views

CVE-2024-57521

SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the createTable function in SqlUtil.java...

10CVSS0.00587EPSS
Exploits2References4
ptsecurity
ptsecurity
added 2025/12/23 12:0 a.m.5 views

PT-2025-52769

Name of the Vulnerable Software and Affected Versions RuoYi versions prior to 4.7.9 Description A SQL Injection issue exists in RuoYi versions prior to 4.7.9. This allows a remote attacker to execute arbitrary code through the createTable function located in SqlUtil.java. The vulnerability is...

10CVSS8.3AI score0.00587EPSS
Exploits2References9
cve
cve
added 2025/12/23 12:0 a.m.14 views

CVE-2024-57521

CVE-2024-57521 is a SQL Injection vulnerability in Ruoyi (RuoYi) Framework, affecting v4.7.9 and earlier. The flaw resides in SqlUtil.java (createTable function), allowing a remote attacker to execute arbitrary SQL/Code via crafted requests. Public evidence includes PoCs and multiple advisories a...

10CVSS8.4AI score0.00587EPSS
Exploits2References4Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50827

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0085EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 12:28 a.m.7 views

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

9.8CVSS8.3AI score0.0085EPSS
Exploits1References1
githubexploit
githubexploit
added 2024/12/18 4:3 p.m.149 views

Exploit for CVE-2024-57521

Authenticated SQL Injection in RuoYi v4.7.9 Bypass of CVE-202...

10CVSS8.4AI score0.00587EPSS
Exploits4
osv
osv
added 2024/12/17 12:0 a.m.4 views

OSV-2023-1402 Global-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<ch

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384343083 Crash type: Global-buffer-overflow READ Crash state: std::1::basicstring, std::1::allocatorch XYWriteParser::createTable XYWriteParser::parseTextZone...

6.9AI score
Exploits0References1
nvd
nvd
added 2024/08/28 4:15 p.m.41 views

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

6.1CVSS0.00341EPSS
Exploits3References2
cve
cve
added 2024/08/28 12:0 a.m.69 views

CVE-2024-42900

CVE-2024-42900 affects Ruoyi v4.7.9 and earlier, where a cross-site scripting (XSS) vulnerability exists via the sql parameter to the createTable() function at /tool/gen/create. The issue is documented across multiple sources (Red Hat, NVD/NVD mirrors, CVE lists) with the same description. Affect...

6.1CVSS6.2AI score0.00341EPSS
Exploits3References2Affected Software1
ptsecurity
ptsecurity
added 2024/08/28 12:0 a.m.6 views

PT-2024-30194 · Ruoyi · Ruoyi

Name of the Vulnerable Software and Affected Versions: Ruoyi versions 4.7.9 and earlier Description: A cross-site scripting XSS issue was discovered in Ruoyi via the sql parameter of the createTable function at "/tool/gen/create". This allows for potential exploitation. Recommendations: For...

6.1CVSS5.4AI score0.00341EPSS
Exploits3References9
osv
osv
added 2024/08/28 12:0 a.m.9 views

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

6.1CVSS6.2AI score0.00341EPSS
Exploits3References4
cnnvd
cnnvd
added 2024/08/28 12:0 a.m.4 views

RuoYi 安全漏洞

RuoYi is a back-end management system by the individual developer of RuoYi in China. A security vulnerability exists in RuoYi v4.7.9, which is caused by a cross-site scripting XSS vulnerability in the sql parameter of the createTable function at /tool/gen/create...

6.1CVSS5.8AI score0.00341EPSS
Exploits3References3
cvelist
cvelist
added 2024/08/28 12:0 a.m.34 views

CVE-2024-42900

Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...

0.00341EPSS
Exploits3References2
nvd
nvd
added 2023/02/02 10:15 p.m.24 views

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

9.8CVSS9.8AI score0.0085EPSS
Exploits1References1
prion
prion
added 2023/02/02 10:15 p.m.18 views

Sql injection

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

7.5CVSS9.7AI score0.0085EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2023/02/02 12:0 a.m.4 views

RuoYi SQL注入漏洞

RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi versions prior to v4.7.5, which stems from a problem with the component /tool/gen/createTable, resulting in SQL injection...

9.8CVSS8.5AI score0.0085EPSS
Exploits1References3
cvelist
cvelist
added 2023/02/02 12:0 a.m.41 views

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

10AI score0.0085EPSS
Exploits1References1
osv
osv
added 2023/02/02 12:0 a.m.18 views

CVE-2022-48114

RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable...

9.8CVSS9.8AI score0.0085EPSS
Exploits1References3
Rows per page
Query Builder