Cloudlog CVE - OpenCVE

Filtered by vendor Cloudlog Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-44065	1 Cloudlog	1 Cloudlog	2025-12-29	9.8 Critical
Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter.
CVE-2025-64084	2 Cloudlog, Magicbug	2 Cloudlog, Cloudlog	2025-11-19	5.4 Medium
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vucc_details_ajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute arbitrary SQL commands by injecting a malicious payload, which is then concatenated directly into a raw SQL query in the vucc_qso_details function.
CVE-2024-45999	2 Cloudlog, Magicbug	2 Cloudlog, Cloudlog	2024-11-21	6.6 Medium
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.

Page 1 of 1.