SQL Injection Vulnerability in Wavelog 1.8.5 Affects Gridmap_model.php
CVE-2024-48249
Currently unrated
Summary
Wavelog version 1.8.5 is vulnerable to an SQL injection flaw in the Gridmap_model.php component. This vulnerability allows attackers to manipulate database queries through unsanitized input parameters, such as 'band', 'sat', 'propagation', or 'mode'. Exploitation of this vulnerability could grant unauthorized access to sensitive data, leading to potential data breaches and application compromise if left unaddressed.
References
Timeline
Vulnerability published