9 matches found
CVE-2025-10218
A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2025-10218
CVE-2025-10218 affects lostvip-com ruoyi-go 2.1, specifically the SelectListPage function in modules/system/dao/SysRoleDao.go. The vulnerability arises from manipulation of the sortName argument, enabling SQL injection with remote exploitation reported as possible. Exploitation code has been publ...
CVE-2025-10218 lostvip-com ruoyi-go Background Management SysRoleDao.go SelectListPage sql injection
A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2025-10218 lostvip-com ruoyi-go Background Management SysRoleDao.go SelectListPage sql injection
A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...
PT-2025-37101
Name of the Vulnerable Software and Affected Versions: ruoyi-go version 2.1 Description: A flaw exists in the SelectListPage function within the SysRoleDao.go file of the Background Management Page component. Manipulation of the sortName argument can lead to SQL injection. Remote exploitation is...
CVE-2025-9412
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...
CVE-2025-9413
CVE-2025-9413 affects lostvip-com ruoyi-go up to version 2.1. The vulnerability is in the function SelectListByPage (modules/system/system_router.go), where manipulation of the arguments orderByColumn and isAsc enables SQL injection. The issue can be triggered remotely; a public exploit has been ...
CVE-2025-9412 lostvip-com ruoyi-go DictDataDao.go SelectListByPage sql injection
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...
PT-2025-34690 · Ruoyi-Go · Ruoyi-Go
Name of the Vulnerable Software and Affected Versions: ruoyi-go versions up to 2.1 Description: A vulnerability exists in the SelectListByPage function within the modules/system/dao/DictDataDao.go file. Manipulation of the orderByColumn and isAsc arguments can lead to SQL injection. This issue is...