7 matches found
CVE-2025-28411
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave...
CVE-2025-28403
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings...
CVE-2025-28411
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave...
CVE-2025-28403
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method does not properly validate whether the requesting user has administrative privileges before allowing modifications to system configuration settings...
RuoYi 安全漏洞
RuoYi is a backend management system for individual developers of RuoYi in China. A security vulnerability exists in RuoYi version v.4.8.0, which stems from the editSave method not properly verifying the requested user privileges, which may result in modification of the system configuration...
PT-2025-15244 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the editSave method, which does not properly validate whether the requesting user has administrative privileges before allowing modificatio...
CVE-2025-28411
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method in /tool/gen/editSave...