16 matches found
CVE-2024-45999
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the getstationinfofunction located in the file /application/models/Oqrsmodel.php. The vulnerability is exploitable via the stationid parameter...
CVE-2024-48259
Cloudlog 2.6.15 allows Oqrs.php requestform SQL injection via stationid or callsign...
CVE-2024-48257
Wavelog 1.8.5 allows Oqrsmodel.php getworkedmodes stationid SQL injectioin...
CVE-2024-48257
Wavelog 1.8.5 allows Oqrsmodel.php getworkedmodes stationid SQL injectioin...
CVE-2024-48255
Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...
CVE-2024-48257
Wavelog 1.8.5 allows Oqrsmodel.php getworkedmodes stationid SQL injectioin...
CVE-2024-48259
Cloudlog 2.6.15 allows Oqrs.php requestform SQL injection via stationid or callsign...
CVE-2024-48255
Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...
CVE-2024-48257
Summary : CVE-2024-48257 affects Wavelog 1.8.5. The vulnerability is an SQL injection in the Oqrs_model.php get_worked_modes function, exploitable via the station_id parameter. The issue is documented across multiple sources (NVD, Red Hat, OSV, CVE records) with high severity per CVSS metrics, in...
CVE-2024-48259
Cloudlog 2.6.15 allows Oqrs.php requestform SQL injection via stationid or callsign...
CVE-2024-48259
Cloudlog 2.6.15 is vulnerable to an SQL injection in Oqrs.php request_form via station_id or callsign. The root cause is an unsafe handling of input in the Oqrs.php endpoint, enabling crafted queries. Impact is disclosed as SQL injection with potential data exposure or modification; no explicit e...
CVE-2024-48257
Wavelog 1.8.5 allows Oqrsmodel.php getworkedmodes stationid SQL injectioin...
CVE-2024-48255
Cloudlog 2.6.15 allows Oqrs.php getstationinfo stationid SQL injection...
CVE-2024-45999
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the getstationinfofunction located in the file /application/models/Oqrsmodel.php. The vulnerability is exploitable via the stationid parameter...
CVE-2024-45999
Cloudlog 2.6.15 contains a SQL injection vulnerability in get_station_info() within /application/models/Oqrs_model.php, exploitable via the station_id parameter. Sources across Red Hat, NVD, OSV, CNNVD, and other feeds confirm the issue. The vulnerability is a SQL injection, enabling potential un...
CVE-2024-45999
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the getstationinfofunction located in the file /application/models/Oqrsmodel.php. The vulnerability is exploitable via the stationid parameter...