3 matches found
CVE-2024-42900
Ruoyi v4.7.9 and before was discovered to contain a cross-site scripting XSS vulnerability via the sql parameter of the createTable function at /tool/gen/create...
CVE-2024-29400
An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the status parameter...
PT-2024-22881 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RuoYi version 4.5.1 Description: An issue was discovered that allows attackers to obtain sensitive information via the status parameter. Recommendations: For RuoYi version 4.5.1, consider restricting access to the status parameter to minimize...