3 matches found
PT-2025-15248 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: The issue allows a remote attacker to escalate privileges. This is achieved via the selectDeptTree method of the "/selectDeptTree/deptId" endpoint, which does not properly validate the deptId parameter...
PT-2023-26107 · Geeklog · Geeklog
Name of the Vulnerable Software and Affected Versions: Geeklog version 2.2.2 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of "/admin/router.php" API endpoint. This enables the execution of...
Denial Of Service (DoS)
apacheairflow is vulnerable to denial of service. The vulnerability exists due to a lack of check on the endpoint to add/modify Airflow variables used in DAGs, causing the system to crash, expose information or execute code/scripts...