Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

Nuclei
Nucleiadded 11 hours ago6 views

Cloudlog - SQL Injection

Cloudlog 2.6.15 contains a SQL injection caused by unsanitized input in oqrs.php requestform, letting attackers execute arbitrary SQL commands via stationid or callsign, exploit requires sending crafted request. id: CVE-2024-48259 info: name: Cloudlog - SQL Injection author: s4e-io severity: high...

7.3CVSS6.1AI score0.04818EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2025/12/27 12:5 a.m.6 views

CVE-2024-44065

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

9.8CVSS8AI score0.0001EPSS
Exploits1References1
EUVD
EUVDadded 2025/12/26 6:30 p.m.2 views

EUVD-2024-55363

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

9.8CVSS7.5AI score0.0001EPSS
Exploits1References3
NVD
NVDadded 2025/12/26 5:15 p.m.3 views

CVE-2024-44065

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

9.8CVSS0.0001EPSS
Exploits1References2
OSV
OSVadded 2025/12/26 5:15 p.m.1 views

CVE-2024-44065

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

9.8CVSS7.9AI score0.0001EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/12/26 12:0 a.m.20 views

CVE-2024-44065

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

0.0001EPSS
Exploits1References2
CNNVD
CNNVDadded 2025/12/26 12:0 a.m.3 views

Cloudlog 安全漏洞

Cloudlog is a self-hosted PHP application by the individual developer Peter Goodhall. Allows logging of amateur radio contacts from anywhere. A security vulnerability exists in Cloudlog version 2.6.15 that stems from a blind time-based SQL injection vulnerability in the qsoresults parameter...

9.8CVSS7.7AI score0.0001EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/12/26 12:0 a.m.1 views

CVE-2024-44065

Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter...

7.6AI score0.0001EPSS
Exploits1References2
CVE
CVEadded 2025/12/26 12:0 a.m.9 views

CVE-2024-44065

CVE-2024-44065 corresponds to a time-based blind SQL injection in Cloudlog v2.6.15 at /index.php/logbookadvanced/search via the qsoresults parameter. The vulnerability is described across multiple feeds (NVD, Red Hat, EUVD, CIRCL, OSV, CVE lists) with a CVSS v3.1 base score of 9.8 (CRITICAL) and ...

9.8CVSS7.6AI score0.0001EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVEadded 2025/11/17 1:14 p.m.2 views

CVE-2025-64084

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

5.4CVSS8.4AI score0.00046EPSS
Exploits1References1
EUVD
EUVDadded 2025/11/14 9:30 p.m.2 views

EUVD-2025-197644

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

6.5CVSS7.9AI score0.00046EPSS
Exploits1References4
NVD
NVDadded 2025/11/14 9:15 p.m.3 views

CVE-2025-64084

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

5.4CVSS0.00046EPSS
Exploits1References3
OSV
OSVadded 2025/11/14 9:15 p.m.1 views

CVE-2025-64084

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

5.4CVSS8.4AI score
Exploits0References3
CNNVD
CNNVDadded 2025/11/14 12:0 a.m.3 views

Cloudlog 安全漏洞

Cloudlog is a self-hosted PHP application by the individual developer Peter Goodhall. Allows logging of amateur radio contacts from anywhere. A security vulnerability exists in Cloudlog 2.7.5 and earlier versions that stems from the vuccdetailsajax function in Awards.php not properly cleaning up...

5.4CVSS7.6AI score0.00046EPSS
Exploits1References4
CVE
CVEadded 2025/11/14 12:0 a.m.6 views

CVE-2025-64084

Cloudlog

5.4CVSS8AI score0.00046EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2025/11/14 12:0 a.m.4 views

CVE-2025-64084

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

0.00046EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2025/11/14 12:0 a.m.2 views

CVE-2025-64084

An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...

8AI score0.00046EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2025/11/14 12:0 a.m.2 views

PT-2025-47009

Name of the Vulnerable Software and Affected Versions Cloudlog versions 2.7.5 and earlier Description An authenticated SQL injection issue exists. The vucc details ajax function within the application/controllers/Awards.php file does not properly sanitize the Gridsquare POST parameter provided by...

6.5CVSS8AI score0.00046EPSS
Exploits1References9
RedhatCVE
RedhatCVEadded 2025/05/23 10:38 a.m.4 views

CVE-2024-45999

A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the getstationinfofunction located in the file /application/models/Oqrsmodel.php. The vulnerability is exploitable via the stationid parameter...

9.8CVSS8.2AI score0.00065EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/23 9:2 a.m.1 views

CVE-2024-48253

Cloudlog 2.6.15 allows Oqrs.php deleteoqrsline id SQL injection...

9.8CVSS5.9AI score0.001EPSS
Exploits0References1
Rows per page
Query Builder