Vulnerabilities > Dromara

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-25	CVE-2023-31581	Use of Hard-coded Credentials vulnerability in Dromara Sureness Dromara Sureness before v1.0.8 was discovered to use a hardcoded key. network low complexity dromara CWE-798 critical	9.8
2023-10-25	CVE-2023-43961	Incorrect Authorization vulnerability in Dromara Sa-Token An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass. network low complexity dromara CWE-863	8.8
2023-10-25	CVE-2023-44794	Unspecified vulnerability in Dromara Sa-Token An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. network low complexity dromara critical	9.8
2023-06-15	CVE-2023-3276	XXE vulnerability in Dromara Hutool A vulnerability, which was classified as problematic, has been found in Dromara HuTool up to 5.8.19. network low complexity dromara CWE-611	7.5

Vulnerabilities > Dromara {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dromara"}]}