ragic CVE Vulnerabilities & Metrics

Focus on ragic vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About ragic Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with ragic. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total ragic CVEs: 5
Earliest CVE date: 31 Oct 2022, 07:15 UTC
Latest CVE date: 15 Oct 2024, 09:15 UTC

Latest CVE reference: CVE-2024-9985

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 200.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 200.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical ragic CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	5
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS ragic CVEs

These are the five CVEs with the highest CVSS scores for ragic, sorted by severity first and recency.

CVE-2024-9985 ragic Published on 15 Oct 2024, 09:15 UTC (CVSS: 0)
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
CVE-2024-9984 ragic Published on 15 Oct 2024, 09:15 UTC (CVSS: 0)
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
CVE-2024-9983 ragic Published on 15 Oct 2024, 09:15 UTC (CVSS: 0)
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
CVE-2023-41343 ragic Published on 03 Nov 2023, 05:15 UTC (CVSS: 0)
Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.
CVE-2022-40739 ragic Published on 31 Oct 2022, 07:15 UTC (CVSS: 0)
Ragic report generation page has insufficient filtering for special characters. A remote attacker with general user privilege can inject JavaScript to perform XSS (Reflected Cross-Site Scripting) attack.

All CVEs for ragic

CVE-2024-9985 ragic vulnerability CVSS: 0 15 Oct 2024, 09:15 UTC

Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.

CVE-2024-9984 ragic vulnerability CVSS: 0 15 Oct 2024, 09:15 UTC

Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.

CVE-2024-9983 ragic vulnerability CVSS: 0 15 Oct 2024, 09:15 UTC

Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.

CVE-2023-41343 ragic vulnerability CVSS: 0 03 Nov 2023, 05:15 UTC

Rogic No-Code Database Builder's file uploading function has insufficient filtering for special characters. A remote attacker with regular user privilege can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.

CVE-2022-40739 ragic vulnerability CVSS: 0 31 Oct 2022, 07:15 UTC

Ragic report generation page has insufficient filtering for special characters. A remote attacker with general user privilege can inject JavaScript to perform XSS (Reflected Cross-Site Scripting) attack.