RuoYi

2 exploits Active since Jul 2022
CVE-2023-27025 WRITEUP HIGH WRITEUP
RuoYi < 4.7.6 - Arbitrary File Download via Background Management Module
An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.
CVSS 7.5
CVE-2022-32065 WRITEUP MEDIUM WRITEUP
RuoYi < 4.7.3 - Arbitrary File Upload and Remote Code Execution via HTML File
An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file.
CVSS 5.4