Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/08/30 6:21 p.m.6 views

CVE-2025-9412

A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...

6.5CVSS6.6AI score0.0032EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/25 5:45 p.m.4 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the SelectListByPage function in the file DictDataDao.go when processing the orderByColumn or isAsc arguments. An attacker can execute arbitrary SQL commands by supplying crafted input to these parameters. Remediation...

9.8CVSS8.5AI score0.0032EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/25 5:32 p.m.11 views

CVE-2025-9412 lostvip-com ruoyi-go DictDataDao.go SelectListByPage sql injection

A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...

6.5CVSS0.0032EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.5 views

PT-2025-34690 · Ruoyi-Go · Ruoyi-Go

Name of the Vulnerable Software and Affected Versions: ruoyi-go versions up to 2.1 Description: A vulnerability exists in the SelectListByPage function within the modules/system/dao/DictDataDao.go file. Manipulation of the orderByColumn and isAsc arguments can lead to SQL injection. This issue is...

6.5CVSS6.5AI score0.0032EPSS
Exploits0References10
Rows per page
Query Builder