CNNVD-202509-1481 Information
Sep 10, 2025
cve
CNNVD ID
CNNVD-202509-1481
Related CVE
- CNNVD Published: 2025-09-10
Description (Chinese)
ruoyi-go是lostvip.com个人开发者的一个后台管理系统。 ruoyi-go 2.1版本存在SQL注入漏洞,该漏洞源于组件Background Management Page中文件modules/system/dao/SysRoleDao.go对参数sortName的错误操作导致SQL注入。
Description (English)
Ruoyi-go is a back-office management system for individual developers in lostvip.com. The ruoyi-go 2.1 version has an injection loophole in SQL, which results from the error of document Modules/system/dao/SysRoleDao.go to the parameter sortName in component Background Management Page.
Hazard Level
High
Vulnerability Type
SQL注入
Affected Vendor
个人开发者
Published
2025-09-10
Last Modified
2026-02-24
References
https://github.com/on-theway/cve/issues/10 https://vuldb.com/?ctiid.323486 https://vuldb.com/?id.323486 https://vuldb.com/?submit.641027
Share on: