Product:

Enterprise_cloud_database

(Ragic)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2023-11-03 CVE-2023-41343 Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack. Enterprise_cloud_database 5.4
2024-10-15 CVE-2024-9983 Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Enterprise_cloud_database 7.5
2024-10-15 CVE-2024-9984 Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie. Enterprise_cloud_database 9.8
2024-10-15 CVE-2024-9985 Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server. Enterprise_cloud_database 9.8