Vulnerabilities in yangzongzhuan
12 resultsCVE-2025-7901MEDIUMyangzongzhuan RuoYi Swagger UI index.html cross site scriptingEPSS 0.7%CVE-2025-7907MEDIUMyangzongzhuan RuoYi Druid application-druid.yml default credentialsEPSS 0.4%CVE-2025-10473MEDIUMyangzongzhuan RuoYi Blacklist SqlUtil.java filterKeyword sql injectionEPSS 0.4%CVE-2025-10989MEDIUMyangzongzhuan RuoYi selectAll improper authorizationEPSS 0.4%CVE-2025-10384MEDIUMyangzongzhuan RuoYi Role cancelAll improper authorizationEPSS 0.3%CVE-2026-4564MEDIUMyangzongzhuan RuoYi Quartz Job job code injectionEPSS 0.3%CVE-2025-7906MEDIUMyangzongzhuan RuoYi CommonController.java uploadFile unrestricted uploadEPSS 0.3%CVE-2025-8847MEDIUMyangzongzhuan RuoYi edit cross site scriptingEPSS 0.3%CVE-2025-7902MEDIUMyangzongzhuan RuoYi SysNoticeController.java addSave cross site scriptingEPSS 0.3%CVE-2025-4537LOWyangzongzhuan RuoYi-Vue Password login.vue sensitive information in a cookieEPSS 0.2%CVE-2025-7903MEDIUMyangzongzhuan RuoYi Image Source ui layerEPSS 0.2%CVE-2026-9374MEDIUMyangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted uploadEPSS 0.2%