CVE-2025-9412 in ruoyi-goinfo

Zusammenfassung

von MITRE • 26.08.2025

A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Zuständig

VulDB

Veröffentlichung

26.08.2025

Moderieren

akzeptiert

Eintrag

VDB-321253

CPE

bereit

Exploit

Download

EPSS

0.00320

KEV

nein

Aktivitäten

very low

Quellen

Want to know what is going to be exploited?

We predict KEV entries!