Iocoder

Ruoyi-vue-pro

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-10988

  • EPSS 0.05%
  • Veröffentlicht 26.09.2025 01:15:36
  • Zuletzt bearbeitet 14.11.2025 23:43:55

A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit is pub...

8.8

CVE-2025-10278

Exploit
  • EPSS 0.05%
  • Veröffentlicht 12.09.2025 03:32:07
  • Zuletzt bearbeitet 14.11.2025 20:14:18

A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Impacted is an unknown function of the file /crm/contact/transfer. This manipulation of the argument ids/newOwnerUserId causes improper authorization. The attack is possible to be carried o...

8.8

CVE-2025-10276

Exploit
  • EPSS 0.05%
  • Veröffentlicht 12.09.2025 02:02:06
  • Zuletzt bearbeitet 14.11.2025 20:27:30

A security vulnerability has been detected in YunaiV ruoyi-vue-pro up to 2025.09. This vulnerability affects unknown code of the file /crm/contract/transfer. The manipulation of the argument id/newOwnerUserId leads to improper authorization. Remote e...

5.4

CVE-2025-2744

Exploit
  • EPSS 0.18%
  • Veröffentlicht 25.03.2025 07:00:11
  • Zuletzt bearbeitet 14.07.2025 20:11:35

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected is an unknown function of the file /admin-api/mp/material/upload-news-image of the component Material Upload Interface. The manipulation of th...

8.1

CVE-2025-2743

Exploit
  • EPSS 0.4%
  • Veröffentlicht 25.03.2025 07:00:10
  • Zuletzt bearbeitet 25.08.2025 02:13:47

A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The ...

8.1

CVE-2025-2742

Exploit
  • EPSS 0.38%
  • Veröffentlicht 25.03.2025 06:31:07
  • Zuletzt bearbeitet 15.07.2025 13:07:15

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation of the arg...

9.1

CVE-2025-2708

Exploit
  • EPSS 0.65%
  • Veröffentlicht 24.03.2025 19:31:03
  • Zuletzt bearbeitet 25.08.2025 02:13:36

A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1. This affects an unknown part of the file /admin-api/infra/file/upload of the component Backend File Upload Interface. The manipulation of the argument ...

9.1

CVE-2025-2707

Exploit
  • EPSS 0.4%
  • Veröffentlicht 24.03.2025 19:15:50
  • Zuletzt bearbeitet 15.07.2025 13:07:48

A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this issue is some unknown functionality of the file /app-api/infra/file/upload of the component Front-End Store Interface. The manipu...

6.3

CVE-2025-2040

Exploit
  • EPSS 0.12%
  • Veröffentlicht 06.03.2025 20:15:38
  • Zuletzt bearbeitet 07.07.2025 18:29:28

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. Affected by this vulnerability is an unknown functionality of the file /admin-api/bpm/model/deploy. The manipulation leads to improper neutralization of special el...

9.8

CVE-2022-37158

Exploit
  • EPSS 0.32%
  • Veröffentlicht 25.08.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 07:14:32

RuoYi v3.8.3 has a Weak password vulnerability in the management system.