CVE-2025-9412 in ruoyi-go情報

要約

〜によって MITRE • 2025年08月26日

A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

責任者

VulDB

モデレーション

承諾済み

エントリ

VDB-321253

エクスプロイト

ダウンロード

EPSS

0.00320

アクティビティ

非常低い

ソース

Do you need the next level of professionalism?

Upgrade your account now!