Lucene search
China National Vulnerability DatabaseCNVD-2023-74536HistoryOct 07, 2023 - 12:00 a.m.
Weave GitOps is a simple open source developer platform open source by Weaveworks. Weave GitOps has a log information disclosure vulnerability. The vulnerability stems from insufficient protection of sensitive information and can be exploited by an authenticated remote attack to view sensitive cluster configurations of registered Kubernetes clusters.
2023-10-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
weave gitops
open source
log information disclosure
vulnerability
sensitive information
remote attack
kubernetes clusters
emlog
lightweight blog
cms builder
arbitrary file upload
php
mysql
remote attacker
malicious file
arbitrary code.
emlog is a lightweight blog and CMS builder based on PHP and MySQL. An arbitrary file upload vulnerability exists in emlog pro /content/templates/, which can be exploited by a remote attacker to submit a special request that can upload a malicious file to execute arbitrary code in the application context.
Related
vulnrichment
vulnrichment
CVE-2023-44973
2023-10-03 00:00:00
prion
prion
Privilege escalation
2023-10-03 21:15:00
cvelist
cvelist
CVE-2023-44973
2023-10-03 00:00:00
nvd
nvd
CVE-2023-44973
2023-10-03 21:15:10
osv
osv
CVE-2023-44973
2023-10-03 21:15:10
cve
cve
CVE-2023-44973
2023-10-03 21:15:10