Описание
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.15 (включая)
cpe:2.3:a:magicbug:cloudlog:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00048
Низкий
9.8 Critical
CVSS3
6.6 Medium
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.
EPSS
Процентиль: 15%
0.00048
Низкий
9.8 Critical
CVSS3
6.6 Medium
CVSS3
Дефекты
CWE-89
CWE-89