wavelog CVE Vulnerabilities & Metrics

Focus on wavelog vulnerabilities and metrics.

Last updated: 07 Jun 2025, 22:25 UTC

About wavelog Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with wavelog. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total wavelog CVEs: 4
Earliest CVE date: 07 Sep 2024, 08:15 UTC
Latest CVE date: 14 Oct 2024, 15:15 UTC

Latest CVE reference: CVE-2024-48257

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 4

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical wavelog CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.25

Max CVSS: 5.0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	3
4.0-6.9	1
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS wavelog CVEs

These are the five CVEs with the highest CVSS scores for wavelog, sorted by severity first and recency.

CVE-2024-8521 wavelog Published on 07 Sep 2024, 08:15 UTC (CVSS: 5.0)
A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected is the function index of the file /qso of the component Live QSO. The manipulation of the argument manual leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.8.1 is able to address this issu...
CVE-2024-48257 wavelog Published on 14 Oct 2024, 15:15 UTC (CVSS: 0)
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin.
CVE-2024-48251 wavelog Published on 14 Oct 2024, 15:15 UTC (CVSS: 0)
Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.
CVE-2024-48249 wavelog Published on 14 Oct 2024, 15:15 UTC (CVSS: 0)
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.

All CVEs for wavelog

CVE-2024-48257 wavelog vulnerability CVSS: 0 14 Oct 2024, 15:15 UTC

Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin.

CVE-2024-48251 wavelog vulnerability CVSS: 0 14 Oct 2024, 15:15 UTC

Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.

CVE-2024-48249 wavelog vulnerability CVSS: 0 14 Oct 2024, 15:15 UTC

Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode.

CVE-2024-8521 wavelog vulnerability CVSS: 5.0 07 Sep 2024, 08:15 UTC

A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected is the function index of the file /qso of the component Live QSO. The manipulation of the argument manual leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.8.1 is able to address this issue. The patch is identified as b31002cec6b71ab5f738881806bb546430ec692e. It is recommended to upgrade the affected component.