Vulnerabilities > Dromara > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-31581 Use of Hard-coded Credentials vulnerability in Dromara Sureness
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key.
network
low complexity
dromara CWE-798
critical
 9.8
9.8
2023-10-25 CVE-2023-44794 Unspecified vulnerability in Dromara Sa-Token
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
network
low complexity
dromara
critical
 9.8
9.8