| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
| CVE-2019-7300 | 1 Feb 201909:00 | – | cvelist | |
| EUVD-2019-16844 | 7 Oct 202500:30 | – | euvd | |
| CVE-2019-7300 | 1 Feb 201909:29 | – | nvd | |
| CVE-2019-7300 | 1 Feb 201909:29 | – | osv | |
| Command injection | 1 Feb 201909:29 | – | prion | |
| CVE-2019-7300 | 7 Jan 202609:34 | – | redhatcve |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| ldap_admin | nested | ressources/settings.inc | Credentials stored in settings file read by the login process can be exposed and misused to execute commands via insecure authentication flow. | CWE-522 |
| ldap_password | nested | ressources/settings.inc | Credentials stored in settings file read by the login process can be exposed and misused to execute commands via insecure authentication flow. | CWE-522 |
| credentials_from_settings | path | logon.php | Credential data obtained from ressources/settings.inc used during login can be leveraged to perform unauthorized actions. | CWE-522 |
| command-line | request body | admin.index.php | Command-line field on admin.index.php can be abused to execute arbitrary commands using leaked credentials. | CWE-522 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation