CVE-2025-10473 | yangzongzhuan RuoYi up to 4.8.1 Blacklist SqlUtil.java filterKeyword sql injection

Inserito da Angelo Barbosa | Set 15, 2025 | CVE

A vulnerability classified as critical was found in yangzongzhuan RuoYi up to 4.8.1. This impacts the function filterKeyword of the file /com/ruoyi/common/utils/sql/SqlUtil.java of the component Blacklist Handler. The manipulation results in sql injection.

This vulnerability is cataloged as CVE-2025-10473. The attack may be launched remotely. Furthermore, there is an exploit available.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

CVE-2025-10473 | yangzongzhuan RuoYi up to 4.8.1 Blacklist SqlUtil.java filterKeyword sql injection

Post correlati

CVE-2024-32135 | WPZest Disable Comments Plugin up to 1.51 on WordPress sql injection

CVE-2024-55894 | TYPO3 up to 10.4.47/11.5.41/12.4.24/13.4.2 Backend User Module cross-site request forgery (GHSA-6w4x-gcx3-8p7v)

CVE-2025-26571 | wibiya Wibiya Toolbar Plugin up to 2.0 on WordPress cross-site request forgery

CVE-2024-29880 | JetBrains TeamCity up to 2023.10 Agent Process routine