Vulnerabilities > Ragic

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-9983 Path Traversal vulnerability in Ragic Enterprise Cloud Database
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
network
low complexity
ragic CWE-22
7.5
2024-10-15 CVE-2024-9984 Missing Authentication for Critical Function vulnerability in Ragic Enterprise Cloud Database
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
network
low complexity
ragic CWE-306
critical
9.8
2024-10-15 CVE-2024-9985 Unrestricted Upload of File with Dangerous Type vulnerability in Ragic Enterprise Cloud Database
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads.
network
low complexity
ragic CWE-434
critical
9.8
2023-11-03 CVE-2023-41343 Cross-site Scripting vulnerability in Ragic Enterprise Cloud Database
Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters.
network
low complexity
ragic CWE-79
5.4