Magicbug
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-44065 | 0.00 | — | 0.00 | Dec 26, 2025 | Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter. | |||
| CVE-2025-64084 | 0.00 | — | 0.00 | Nov 14, 2025 | An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vucc_details_ajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute… | |||
| CVE-2024-48255 | 0.00 | — | 0.00 | Oct 14, 2024 | Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. | |||
| CVE-2024-48259 | 0.00 | — | 0.01 | Oct 14, 2024 | Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. | |||
| CVE-2024-48253 | 0.00 | — | 0.00 | Oct 14, 2024 | Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection. | |||
| CVE-2024-45999 | 0.00 | — | 0.00 | Oct 1, 2024 | A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter. |
- CVE-2024-44065Dec 26, 2025risk 0.00cvss —epss 0.00
Time-based blind SQL Injection vulnerability in Cloudlog v2.6.15 at the endpoint /index.php/logbookadvanced/search in the qsoresults parameter.
- CVE-2025-64084Nov 14, 2025risk 0.00cvss —epss 0.00
An authenticated SQL injection vulnerability exists in Cloudlog 2.7.5 and earlier. The vucc_details_ajax function in application/controllers/Awards.php does not properly sanitize the user-supplied Gridsquare POST parameter. This allows a remote, authenticated attacker to execute…
- CVE-2024-48255Oct 14, 2024risk 0.00cvss —epss 0.00
Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection.
- CVE-2024-48259Oct 14, 2024risk 0.00cvss —epss 0.01
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.
- CVE-2024-48253Oct 14, 2024risk 0.00cvss —epss 0.00
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection.
- CVE-2024-45999Oct 1, 2024risk 0.00cvss —epss 0.00
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.