|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-01-22 | |
| Rule Name: | Cloudlog System request_form SQL Injection Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Cloudlog is an open source self-hosted PHP application available for users to record amateur radio contacts anywhere. SQL injection vulnerability exists in request_form interface of Cloudlog system. Malicious attackers can perform unauthorized database operations through this vulnerability, which may lead to security problems such as information leakage, database tampering or denial of service. | |
| Impact: | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |