CVE-2024-54762

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-54762

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54762.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-54762

Published

2025-01-09T20:15:39Z

Modified

2025-05-17T14:23:07.633631Z

Summary

[none]

Details

Ruoyi v.4.7.9 and before contains an authenticated SQL injection vulnerability. This is because the filterKeyword method does not completely filter SQL injection keywords, resulting in the risk of SQL injection.

References

Affected packages

Git / github.com/yangzongzhuan/ruoyi

Affected ranges

Type: GIT
Repo: https://github.com/yangzongzhuan/ruoyi
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

4f5bf990bf5663b729ea5b14d13e14adb3d26d5a

Affected versions

v2.*

v2.2

v2.3

v2.4

v3.*

v3.0

v3.1

v3.2

v3.3

v3.4

v4.*

v4.0

v4.1

v4.2

v4.3

v4.3.1

v4.4

v4.5.0

v4.5.1

v4.6.0

v4.6.1

v4.6.2

v4.7.0

v4.7.1

v4.7.2

v4.7.3

v4.7.4

v4.7.5

v4.7.6

v4.7.7

v4.7.8

v4.7.9