Metrics
Affected Vendors & Products
Tue, 26 Aug 2025 09:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ruoyi
Ruoyi ruoyi |
|
Vendors & Products |
Ruoyi
Ruoyi ruoyi |
Mon, 25 Aug 2025 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | lostvip-com ruoyi-go LoginInforService.go SelectPageList sql injection | |
Weaknesses | CWE-74 CWE-89 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-08-25T20:36:42.402Z
Reserved: 2025-08-25T08:45:17.485Z
Link: CVE-2025-9411

Updated: 2025-08-25T20:36:37.274Z

Status : Awaiting Analysis
Published: 2025-08-25T17:15:32.290
Modified: 2025-08-25T20:24:45.327
Link: CVE-2025-9411

No data.

Updated: 2025-08-26T08:54:55Z