Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/31 10:58 p.m.6 views

CVE-2026-5147

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website results in sql injection. It is possible to launch the attack remotely. The exploit has been released...

7.5CVSS6.8AI score0.00326EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/30 9:31 p.m.5 views

EUVD-2026-17168

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website results in sql injection. It is possible to launch the attack remotely. The exploit has been released...

7.5CVSS6.8AI score0.00326EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/30 6:45 p.m.24 views

CVE-2026-5147 YunaiV yudao-cloud get-by-website sql injection

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website results in sql injection. It is possible to launch the attack remotely. The exploit has been released...

7.5CVSS0.00326EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/30 6:45 p.m.1 views

CVE-2026-5147

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website results in sql injection. It is possible to launch the attack remotely. The exploit has been released...

7.5CVSS5.7AI score0.00326EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.3 views

PT-2026-29101

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This affects an unknown part of the file /admin-api/system/tenant/get-by-website. The manipulation of the argument Website results in sql injection. It is possible to launch the attack remotely. The exploit has been released...

7.5CVSS6.8AI score0.00326EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.8 views

yudao-cloud SQL注入漏洞

Yudao-Cloud is a backend management system developed by YunaiV as an individual developer. Versions of Yudao-Cloud prior to 2026.01 contained a SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter “Website” in files located at...

7.5CVSS7.2AI score0.00326EPSS
Exploits0References4
Rows per page
Query Builder