CVE-2024-45999

MEDIUM Year: 2024
CVSS v3 Score
6.6
Medium
Weakness Type
CWE-89
View all →

Vulnerability Description

A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.

Related Vulnerabilities

CVE-2020-6114

MEDIUM
CVSS:6.6(Medium)

An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request c...

CWE-892020

CVE-2021-24345

MEDIUM
CVSS:6.6(Medium)

The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before ...

CWE-892021

CVE-2022-21210

MEDIUM
CVSS:6.6(Medium)

An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authen...

CWE-892022

CVE-2023-38221

MEDIUM
CVSS:6.6(Medium)

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an S...

CWE-892023

CVE-2023-38249

MEDIUM
CVSS:6.6(Medium)

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an S...

CWE-892023

CVE-2023-38250

MEDIUM
CVSS:6.6(Medium)

Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an S...

CWE-892023