Skip to main content

Datacube3

3 CVEs product

Monthly

CVE-2024-25833 CRITICAL POC Act Now

F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Datacube3
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2024-25832 HIGH POC THREAT This Week

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Datacube3
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
12.8%
CVE-2024-25831 MEDIUM POC This Month

F-logic DataCube3 Version 1.0 is affected by a reflected cross-site scripting (XSS) vulnerability due to improper input sanitization. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Datacube3
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Datacube3
NVD
EPSS 13% CVSS 8.8
HIGH POC THREAT This Week

F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Datacube3
NVD Exploit-DB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

F-logic DataCube3 Version 1.0 is affected by a reflected cross-site scripting (XSS) vulnerability due to improper input sanitization. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Datacube3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy