15 matches found
CVE-2026-7677
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...
CVE-2026-7677
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...
CVE-2026-7677 kerwincui FastBee System Notice SysNoticeController.java add cross site scripting
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...
EUVD-2026-26811
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...
EUVD-2025-10361
Malicious code in bioql PyPI...
CVE-2025-7902
A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-7902 yangzongzhuan RuoYi SysNoticeController.java addSave cross site scripting
A vulnerability classified as problematic has been found in yangzongzhuan RuoYi up to 4.8.1. Affected is the function addSave of the file com/ruoyi/web/controller/system/SysNoticeController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The...
RuoYi 代码注入漏洞
RuoYi is a backend management system for individual developers of RuoYi in China. RuoYi 4.8.1 and previous versions of code injection vulnerability exists, the vulnerability stems from the file com/ruoyi/web/controller/system/SysNoticeController.java function addSave incorrect operation leads to...
CVE-2025-28412
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController...
CVE-2025-28412
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController...
CVE-2025-28412
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController...
CVE-2025-28412
CVE-2025-28412 affects RUoYi v4.8.0. The issue enables a remote attacker to escalate privileges through the SysNoticeController.editSave method. Root cause details are not fully disclosed in the provided documents, but multiple sources confirm a privilege escalation vulnerability with a high/crit...
CVE-2025-28412
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave method in SysNoticeController...
PT-2025-15252 · Ruoyi · Ruoyi
Name of the Vulnerable Software and Affected Versions: RUoYi version 4.8.0 Description: An issue in RUoYi allows a remote attacker to escalate privileges via the "/editSave" method in SysNoticeController. Recommendations: For RUoYi version 4.8.0, as a temporary workaround, consider disabling the...
RuoYi AI 安全漏洞
RuoYi AI is a full-stack AI development platform for ageerle individual developers, designed to help developers rapidly build and deploy personalized AI applications. A security vulnerability exists in RuoYi AI version 2.0.0 and earlier, which stems from improper authorization in the...