Vulnerabilities > Ruoyi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-27 | CVE-2025-0734 | Deserialization of Untrusted Data vulnerability in Ruoyi A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. | 7.2 |
| 2024-09-21 | CVE-2024-9048 | Cross-site Scripting vulnerability in Ruoyi A vulnerability was found in y_project RuoYi up to 4.7.9. | 6.1 |
| 2024-08-26 | CVE-2024-42913 | SQL Injection vulnerability in Ruoyi 4.7.9 RuoYi CMS v4.7.9 was discovered to contain a SQL injection vulnerability via the job_id parameter at /sasfs1. | 9.8 |
| 2024-07-19 | CVE-2024-41599 | Cross-site Scripting vulnerability in Ruoyi Cross Site Scripting vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrary code via the file upload method | 6.1 |
| 2024-07-04 | CVE-2024-6511 | Unspecified vulnerability in Ruoyi A vulnerability classified as problematic was found in y_project RuoYi up to 4.7.9. | 6.1 |
| 2023-12-28 | CVE-2023-7133 | Unspecified vulnerability in Ruoyi 4.7.8 A vulnerability was found in y_project RuoYi 4.7.8. | 6.1 |
| 2023-12-01 | CVE-2023-49371 | SQL Injection vulnerability in Ruoyi RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit. | 9.8 |
| 2023-08-11 | CVE-2021-28411 | Improper Privilege Management vulnerability in Ruoyi 3.4.0 An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager class in lerry903 RuoYi version 3.4.0, allows remote attackers to escalate privileges. | 9.8 |
| 2023-07-21 | CVE-2023-3815 | Unspecified vulnerability in Ruoyi A vulnerability, which was classified as problematic, has been found in y_project RuoYi up to 4.7.7. | 6.1 |
| 2023-06-08 | CVE-2023-3163 | SQL Injection vulnerability in Ruoyi A vulnerability was found in y_project RuoYi up to 4.7.7. | 7.5 |