35 matches found
CVE-2025-15122
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
EUVD-2025-205495
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
JeecgBoot 授权问题漏洞
JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability that originates from improper authorization of the function...
PT-2025-53637
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A flaw exists in JeecgBoot that relates to improper authorization. The issue is located in the loadDatarule function within the /sys/sysDepartRole/datarule/ file. Manipulation of the departId/roleId...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933 SourceCodester Baby Care System updatewelcome.php sql injection
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933 SourceCodester Baby Care System updatewelcome.php sql injection
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
CVE-2025-12933 : A SQL injection vulnerability exists in SourceCodester Baby Care System 1.0 due to manipulation of the roleid parameter in /updatewelcome.php?id=siteoptions&action=welcome. The vulnerability can be exploited remotely and a public exploit is available. The connected documents cons...
SourceCodester Baby Care System SQL注入漏洞
SourceCodester Baby Care System is a SourceCodester open source application. It provides a baby care system. A SQL injection vulnerability exists in SourceCodester Baby Care System version 1.0, which stems from incorrect manipulation of the parameter roleid in the file /updatewelcome.php, which...
PT-2025-45603
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...
EUVD-2021-15543
Malware in sbrugna...
CVE-2025-10384
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
CVE-2025-10384
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
CVE-2025-10384 yangzongzhuan RuoYi Role cancelAll improper authorization
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
RuoYi 授权问题漏洞
RuoYi is a backend management system for individual developers in China RuoYi RuoYi. RuoYi 4.8.1 and previous versions of the authorization problem vulnerability, the vulnerability stems from the file / system / role / authUser / cancelAll in the parameter roleId and userIds there is improper...