Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project log vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-18265
Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote malicious users to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_add_member".
Simple-log Project Simple-log 1.6
5
CVSSv2
CVE-2018-8947
rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote malicious users to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request.
Laravel Log Viewer Project Laravel Log Viewer
1 EDB exploit
3.5
CVSSv2
CVE-2015-4608
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and previous versions for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Be User Log Project Be User Log
4.3
CVSSv2
CVE-2021-24756
The WP System Log WordPress plugin prior to 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow unauthenticated malicious user to perform Cross-Site Scripting attacks against a...
Wp System Log Project Wp System Log
7.5
CVSSv2
CVE-2018-6024
SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.
Thethinkery Project Log 1.5.3
1 EDB exploit
3.5
CVSSv2
CVE-2018-11430
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. The XSS is located in the mod notes textarea.
Moderator Log Notes Project Moderator Log Notes 1.1
5.8
CVSSv2
CVE-2018-11502
An issue exists in the Moderator Log Notes plugin 1.1 for MyBB. It allows moderators to save notes and display them in a list in the modCP. An attacker can remotely delete all mod notes and mod note logs in the modCP and ACP via CSRF.
Moderator Log Notes Project Moderator Log Notes 1.1
1 EDB exploit
NA
CVE-2022-2806
It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev
Sos Project Sos
Ovirt Log Collector
5
CVSSv2
CVE-2015-5186
Audit prior to 2.4.4 in Linux does not sanitize escape characters in filenames.
Linux Audit Project Linux Audit
5
CVSSv2
CVE-2009-4489
header.c in Cherokee prior to 0.99.32 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an esca...
Cherokee-project Cherokee
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »