3 matches found
CVE-2025-14856
A security vulnerability has been detected in yproject RuoYi up to 4.8.1. The affected element is an unknown function of the file /monitor/cache/getnames. Such manipulation of the argument fragment leads to code injection. The attack can be executed remotely. The exploit has been disclosed public...
PT-2025-51988
Name of the Vulnerable Software and Affected Versions y project RuoYi versions up to 4.8.1 Description A security issue exists in y project RuoYi, potentially allowing for remote code injection. The issue is related to manipulation of the fragment argument within an unknown function in the...
PT-2023-26321 · Unknown · Y Project Ruoyi
Name of the Vulnerable Software and Affected Versions: y project RuoYi versions up to 4.7.7 Description: A vulnerability has been found in the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be...