6 matches found
CVE-2024-34854
F-logic DataCube3 v1.0 is vulnerable to File Upload via /admin/transceiverschedule.php...
CVE-2024-25830
F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains the path of the configuration file. A successful exploit could allow the attacker to extract the...
CVE-2024-25833
F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database...
Sql injection
F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database...
CVE-2024-25833
F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database...
CVE-2024-25832
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension...