Vulnerabilities > Ruoyi > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-08 | CVE-2023-3163 | SQL Injection vulnerability in Ruoyi A vulnerability was found in y_project RuoYi up to 4.7.7. | 7.5 |
| 2023-04-02 | CVE-2023-27025 | Download of Code Without Integrity Check vulnerability in Ruoyi An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server. | 7.5 |
| 2022-03-30 | CVE-2022-23868 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ruoyi 4.7.2 RuoYi v4.7.2 contains a CSV injection vulnerability through ruoyi-admin when a victim opens .xlsx log file. | 7.8 |