← Back

Realtimelogic

realtimelogic

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Barracudadrive
barracudadrive
2 CVEs
Fuguhub
fuguhub
2 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-65790
1Realtimelogic
1Fuguhub
Jan 5, 2026
Dec 22, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a...Show more
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline <script> element, the browser executes the attacker-controlled JavaScript.Show less
CVE-2023-24078
1Realtimelogic
1Fuguhub
Mar 18, 2025
Feb 17, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
CVE-2020-23834
1Realtimelogic
1Barracudadrive
Nov 21, 2024
Sep 4, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next start...Show more
Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.Show less
CVE-2014-3808
2Barracudadrive
Realtimelogic
2Barracudadrive
Barracudadrive
May 6, 2026
May 21, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3...Show more
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3) path parameter to wizard/setuser.lsp, (4) host parameter to tunnelconstr.lsp, or (5) newpath parameter to wfsconstr.lsp in rtl/protected/admin/.Show less