A SQL Injection vulnerability was discovered in Cloudlog...
Critical severity
Unreviewed
Published
Oct 1, 2024
to the GitHub Advisory Database
•
Updated Oct 7, 2024
Description
Published by the National Vulnerability Database
Oct 1, 2024
Published to the GitHub Advisory Database
Oct 1, 2024
Last updated
Oct 7, 2024
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploitable via the station_id parameter.
References