6 matches found
CVE-2025-64084
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...
EUVD-2025-197644
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...
CVE-2025-64084
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...
CVE-2025-64084
Cloudlog
CVE-2025-64084
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vuccdetailsajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL...
PT-2025-47009
Name of the Vulnerable Software and Affected Versions Cloudlog versions 2.7.5 and earlier Description An authenticated SQL injection issue exists. The vucc details ajax function within the application/controllers/Awards.php file does not properly sanitize the Gridsquare POST parameter provided by...