35 matches found
CVE-2025-15122
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
EUVD-2025-205495
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
CVE-2025-15122 JeecgBoot datarule loadDatarule improper authorization
A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId results in improper authorization. It is possible to initiate the attack remotely. The attack is...
JeecgBoot 授权问题漏洞
JeecgBoot is a low-code development platform that fuses code generation and AI applications to help organizations rapidly achieve low-code development and build AI applications. JeecgBoot suffers from an authorization issue vulnerability that originates from improper authorization of the function...
PT-2025-53637
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.9.0 Description A flaw exists in JeecgBoot that relates to improper authorization. The issue is located in the loadDatarule function within the /sys/sysDepartRole/datarule/ file. Manipulation of the departId/roleId...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933 SourceCodester Baby Care System updatewelcome.php sql injection
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933 SourceCodester Baby Care System updatewelcome.php sql injection
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions&action=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available...
CVE-2025-12933
CVE-2025-12933 : A SQL injection vulnerability exists in SourceCodester Baby Care System 1.0 due to manipulation of the roleid parameter in /updatewelcome.php?id=siteoptions&action=welcome. The vulnerability can be exploited remotely and a public exploit is available. The connected documents cons...
PT-2025-45603
A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part of the file /updatewelcome.php?id=siteoptions=welcome. Such manipulation of the argument roleid leads to sql injection. The attack can be launched remotely. The exploit is publicly available and...
SourceCodester Baby Care System SQL注入漏洞
SourceCodester Baby Care System is a SourceCodester open source application. It provides a baby care system. A SQL injection vulnerability exists in SourceCodester Baby Care System version 1.0, which stems from incorrect manipulation of the parameter roleid in the file /updatewelcome.php, which...
EUVD-2021-15543
Malware in sbrugna...
CVE-2025-10384
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
CVE-2025-10384
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
CVE-2025-10384 yangzongzhuan RuoYi Role cancelAll improper authorization
A flaw has been found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is an unknown functionality of the file /system/role/authUser/cancelAll of the component Role Handler. Executing manipulation of the argument roleId/userIds can lead to improper authorization. The attack may ...
RuoYi 授权问题漏洞
RuoYi is a backend management system for individual developers in China RuoYi RuoYi. RuoYi 4.8.1 and previous versions of the authorization problem vulnerability, the vulnerability stems from the file / system / role / authUser / cancelAll in the parameter roleId and userIds there is improper...