4 matches found
CVE-2025-9412
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the SelectListByPage function in the file DictDataDao.go when processing the orderByColumn or isAsc arguments. An attacker can execute arbitrary SQL commands by supplying crafted input to these parameters. Remediation...
CVE-2025-9412 lostvip-com ruoyi-go DictDataDao.go SelectListByPage sql injection
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...
PT-2025-34690 · Ruoyi-Go · Ruoyi-Go
Name of the Vulnerable Software and Affected Versions: ruoyi-go versions up to 2.1 Description: A vulnerability exists in the SelectListByPage function within the modules/system/dao/DictDataDao.go file. Manipulation of the orderByColumn and isAsc arguments can lead to SQL injection. This issue is...