CVE-2024-48255 | Cloudlog 2.6.15 Oqrs.php get_station_info station_id sql injection

Inserito da Angelo Barbosa | Ott 14, 2024 | CVE

A vulnerability was found in Cloudlog 2.6.15 and classified as critical. This issue affects the function get_station_info of the file Oqrs.php. The manipulation of the argument station_id leads to sql injection.

The identification of this vulnerability is CVE-2024-48255. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-48255 | Cloudlog 2.6.15 Oqrs.php get_station_info station_id sql injection

Post correlati

CVE-2024-32881 | danswer-ai danswer up to 0.3.62 improper authorization

CVE-2023-42776 | Intel SGX DCAP Software prior 1.19.100.3 on Windows information disclosure (intel-sa-01014)

CVE-2024-27379 | Samsung Exynos 1330 slsi_nan_subscribe_get_nl_params heap-based overflow

CVE-2023-6850 | kalcaddle KodExplorer up to 4.51.03 API Endpoint path/file unrestricted upload