Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project log vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2013-0345
varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information.
Varnish Cache Project Varnish Cache 3.0.3
5
CVSSv2
CVE-2022-27442
TPCMS v3.2 allows malicious users to access the ThinkPHP log directory and obtain sensitive information such as the administrator's user name and password.
Tpcms Project Tpcms 3.2
7.5
CVSSv2
CVE-2022-24600
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.
Luocms Project Luocms 2.0
4.3
CVSSv2
CVE-2022-1843
The MailPress WordPress plugin up to and including 7.2.1 does not have CSRF checks in various places, which could allow malicious users to make a logged in admin change the settings, purge log files and more via CSRF attacks
Mailpress Project Mailpress
7.5
CVSSv2
CVE-2016-7145
The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote malicious users to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Nefarious2 Project Nefarious2 2.0
NA
CVE-2023-28486
Sudo prior to 1.9.13 does not escape control characters in log messages.
Sudo Project Sudo
Netapp Active Iq Unified Manager -
NA
CVE-2022-23466
teler is an real-time intrusion detection and threat alert dashboard. teler prior to version 2.0.0-rc.4 is vulnerable to DOM-based cross-site scripting (XSS) in the teler dashboard. When teler requests messages from the event stream on the `/events` endpoint, the log data display...
Teler Project Teler 2.0.0
4.6
CVSSv2
CVE-1999-1475
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
Proftpd Project Proftpd 1.2
3.5
CVSSv2
CVE-2021-43436
MartDevelopers Inc iResturant v1.0 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
Iresturant Project Iresturant 1.0
NA
CVE-2022-3881
The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin prior to 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it ...
Wptools Project Wptools
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »