Vulnerabilities > F Logic > Datacube3 > 1.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-29 CVE-2024-25831 Cross-site Scripting vulnerability in F-Logic Datacube3 1.0
F-logic DataCube3 Version 1.0 is affected by a reflected cross-site scripting (XSS) vulnerability due to improper input sanitization.
network
low complexity
f-logic CWE-79
5.4
5.4
2024-02-29 CVE-2024-25832 Unrestricted Upload of File with Dangerous Type vulnerability in F-Logic Datacube3 1.0
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
network
low complexity
f-logic CWE-434
8.8
8.8
2024-02-29 CVE-2024-25833 SQL Injection vulnerability in F-Logic Datacube3 1.0
F-logic DataCube3 v1.0 is vulnerable to unauthenticated SQL injection, which could allow an unauthenticated malicious actor to execute arbitrary SQL queries in database.
network
low complexity
f-logic CWE-89
critical
 9.8
9.8