Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Gin-Vue-Admin before 2.4.6 mishandles a SQL database.
AnalysisAI
Gin-Vue-Admin before 2.4.6 mishandles a SQL database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
Affected products include: Gin-Vue-Admin Project Gin-Vue-Admin. Version information: before 2.4.6.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Gin Vue Admin
View allGin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stac
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution o
In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to executio
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stac
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stac
Gin-vue-admin versions 2.8.7 and earlier contain a path traversal vulnerability in the breakpoint resume upload API that
Gin-vue-admin is a backstage management system based on vue and gin, which separates the front and rear of the full stac
Authenticated remote code execution in gin-vue-admin 2.9.1 lets attackers with access to the code-generation and MCP man
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today