Lucene search
K

4 matches found

NVD
NVD
added 2025/09/10 10:15 p.m.5 views

CVE-2025-10218

A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of the file modules/system/dao/SysRoleDao.go of the component Background Management Page. This manipulation of the argument sortName causes sql injection. Remote exploitation of the attack is possible. The...

9.8CVSS0.0034EPSS
Exploits0References4
CVE
CVE
added 2025/09/10 9:32 p.m.14 views

CVE-2025-10218

CVE-2025-10218 affects lostvip-com ruoyi-go 2.1, specifically the SelectListPage function in modules/system/dao/SysRoleDao.go. The vulnerability arises from manipulation of the sortName argument, enabling SQL injection with remote exploitation reported as possible. Exploitation code has been publ...

9.8CVSS6.2AI score0.0034EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-37101

Name of the Vulnerable Software and Affected Versions: ruoyi-go version 2.1 Description: A flaw exists in the SelectListPage function within the SysRoleDao.go file of the Background Management Page component. Manipulation of the sortName argument can lead to SQL injection. Remote exploitation is...

6.5CVSS6.4AI score0.0034EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.4 views

ruoyi-go SQL注入漏洞

ruoyi-go is a backend management system for individual developers at lostvip.com. A SQL injection vulnerability exists in ruoyi-go version 2.1, which originates from an incorrect operation of the parameter sortName in the file modules/system/dao/SysRoleDao.go in the component Background Managemen...

9.8CVSS6.9AI score0.0034EPSS
Exploits0References4
Rows per page
Query Builder