Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_cloud_database
(Ragic)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 4 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-11-03 | CVE-2023-41343 | Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack. | Enterprise_cloud_database | 5.4 | ||
2024-10-15 | CVE-2024-9983 | Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. | Enterprise_cloud_database | 7.5 | ||
2024-10-15 | CVE-2024-9984 | Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie. | Enterprise_cloud_database | 9.8 | ||
2024-10-15 | CVE-2024-9985 | Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server. | Enterprise_cloud_database | 9.8 |