4 matches found
CVE-2025-7906
creationtimestamp| type| source ---|---|--- 2025-07-20 23:16:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lugm7mvg2l2i...
CVE-2025-7906
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1 and classified as critical. This issue affects the function uploadFile of the file ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java. The manipulation of the argument File leads to unrestricted upload. The...
CVE-2025-7906 yangzongzhuan RuoYi CommonController.java uploadFile unrestricted upload
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1 and classified as critical. This issue affects the function uploadFile of the file ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java. The manipulation of the argument File leads to unrestricted upload. The...
CVE-2025-7906
CVE-2025-7906 affects RuoYi up to version 4.8.1. The vulnerability is in the uploadFile function (ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java) where manipulating the File argument enables unrestricted file upload. The issue can be triggered remotely and the exp...