Submeter #780192: YunaiV yudao-cloud <=v2026.01 SQL Injectioninformação

TítuloYunaiV yudao-cloud <=v2026.01 SQL Injection
DescriçãoYudao-cloud is a background management system implemented based on Spring Cloud Alibaba + MyBatis Plus + Vue & Element. In the case of yudao-cloud, the vulnerability typically resides in the sorting or filtering parameters of the /admin-api/system/mail-log/page endpoint.An attacker can inject a conditional time-delay payload.
Fonte⚠️ https://github.com/NarcherAlter/Security_Note/blob/main/Vulnerability_Discovery/yudaoCloudv2026.01.md#
Utilizador
 Narcher (UID 91355)
Submissão14/03/2026 13h21 (há 17 dias)
Moderação30/03/2026 15h23 (16 days later)
EstadoAceite
Entrada VulDB354182 [YunaiV yudao-cloud até 2026.01 page toMail Injeção SQL]
Pontos18

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!