4 matches found
CVE-2024-48249
Wavelog 1.8.5 allows Gridmapmodel.php getbandconfirmed SQL injection via band, sat, propagation, or mode...
CVE-2024-48251
Wavelog 1.8.5 allows Activatedgridmapmodel.php getbandconfirmed SQL injection via band, sat, propagation, or mode...
CVE-2024-48257
Wavelog 1.8.5 allows Oqrsmodel.php getworkedmodes stationid SQL injectioin...
PT-2024-39072 · Wavelog · Wavelog
Name of the Vulnerable Software and Affected Versions: Wavelog versions 1.8.0 and earlier Description: A problem was found in the function index of the file /qso of the component Live QSO. The manipulation of the manual argument leads to cross site scripting. It is possible to launch the attack...