CVE-2025-10473 | yangzongzhuan RuoYi up to 4.8.1 Blacklist SqlUtil.java filterKeyword sql injection

A vulnerability classified as critical was found in yangzongzhuan RuoYi up to 4.8.1. This impacts the function filterKeyword of the file /com/ruoyi/common/utils/sql/SqlUtil.java of the component Blacklist Handler. The manipulation results in sql injection.

This vulnerability is cataloged as CVE-2025-10473. The attack may be launched remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More