Description
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.
References
https://chiggerlor.substack.com/p/unauthenticated-sql-injection-in-9a3
ExploitThird Party Advisory
Weaknesses
134c704f-9b21-4f2e-91b3-4a467353bcc0
Secondary
CWE-89
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.3 · High
Information
Source identifier
Vulnerability status
Analyzed
Published
2024-10-14T13:15:14.033Z
1 year agoLast modified
2025-05-02T17:51:32.137Z
10 months ago