CVE-2024-48257 | Wavelog 1.8.5 Oqrs_model.php get_worked_modes station_id sql injection

Posted by Angelo Barbosa | Oct 14, 2024 | CVE

A vulnerability was found in Wavelog 1.8.5. It has been declared as critical. Affected by this vulnerability is the function get_worked_modes of the file Oqrs_model.php. The manipulation of the argument station_id leads to sql injection.

This vulnerability is known as CVE-2024-48257. The attack can only be done within the local network. There is no exploit available.

CVE-2024-48257 | Wavelog 1.8.5 Oqrs_model.php get_worked_modes station_id sql injection

Related Posts

CVE-2024-3224 | SourceCodester PHP Task Management System 1.0 task-details.php task_id sql injection

CVE-2024-30110 | HCL DRYiCE AEX 10 information disclosure (KB0114193)

CVE-2023-5711 | System Dashboard Plugin up to 2.8.8 on WordPress sd_php_info authorization

CVE-2024-35660 | Jewel Theme Master Addons for Elementor Plugin up to 2.0.5.4.1 on WordPress authorization