22 matches found
CVE-2026-13528 YunaiV/zhijiantianya ruoyi-vue-pro AppFileController File Upload Endpoint FileServiceImpl.java generateUploadPath path traversal
A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/iocoder/yudao/module/infra/service/file/FileServiceImpl.java of the component AppFileController File...
EUVD-2025-8067
Malicious code in bioql PyPI...
EUVD-2025-8068
Malicious code in bioql PyPI...
EUVD-2025-8007
Malicious code in bioql PyPI...
EUVD-2025-8005
Malicious code in bioql PyPI...
CVE-2025-2743
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
CVE-2025-2742
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack...
CVE-2025-2708
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument path leads to path traversal. It is possible to...
CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
CVE-2025-2743
CVE-2025-2743 affects zhijiantianya ruoyi-vue-pro 2.4.1. The vulnerability exists in the Material Upload Interface, specifically the endpoint /admin-api/mp/material/upload-temporary, where manipulation of the File argument leads to path traversal. Descriptions from multiple sources indicate remot...
CVE-2025-2742 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-permanent path traversal
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack...
CVE-2025-2742
CVE-2025-2742 affects zhijiantianya ruoyi-vue-pro 2.4.1. The vulnerability exists in the Material Upload Interface’s /admin-api/mp/material/upload-permanent path, where manipulation of the File argument leads to path traversal. Remote exploitation is possible, and the exploit has been publicly di...
PT-2025-12769
Name of the Vulnerable Software and Affected Versions zhijiantianya ruoyi-vue-pro version 2.4.1 Description A critical issue was found in the Material Upload Interface component, specifically affecting the /admin-api/mp/material/upload-permanent file. The manipulation of the File argument leads t...
PT-2025-12770 · Zhijiantianya · Ruoyi-Vue-Pro
Name of the Vulnerable Software and Affected Versions: zhijiantianya ruoyi-vue-pro version 2.4.1 Description: A problematic issue has been found in the Material Upload Interface component, affecting the processing of the file /admin-api/mp/material/upload-temporary. The manipulation of the File...
CVE-2025-2708
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument path leads to path traversal. It is possible to...
CVE-2025-2708 zhijiantianya ruoyi-vue-pro Backend File Upload Interface upload path traversal
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument path leads to path traversal. It is possible to...
CVE-2025-2707
A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this issue is some unknown functionality of the file /app-api/infra/file/upload of the component Front-End Store Interface. The manipulation of the argument path leads to path...
PT-2025-12574 · Unknown · Zhijiantianya Ruoyi-Vue-Pro
Name of the Vulnerable Software and Affected Versions: zhijiantianya ruoyi-vue-pro version 2.4.1 Description: A critical vulnerability was found in the Backend File Upload Interface of zhijiantianya ruoyi-vue-pro. This affects an unknown part of the file "/admin-api/infra/file/upload" and allows...
CVE-2025-2040
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special elements used in a template engine. The attack ca...