4561 matches found
CVE-2021-42840
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were...
Remote code execution
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were...
CVE-2021-42840
SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were...
CVE-2021-42840
Conclusion: CVE-2021-42840 affects SuiteCRM
PT-2021-23694 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.11.19 Description: The issue allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, the logger file name can refer to an...
SuiteCRM 代码问题漏洞
SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team. A security vulnerability exists in SuiteCRM that stems from SuiteCRM prior to 7.11.19 that allows remote code execution to be set via the system settings log file name. An attacker can exploit the vulnerability...
The vulnerability of the Windows Common Log File System Driver in Windows operating systems, related to privilege management errors, allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Common Log File System Driver in the operating system is related to privilege management errors. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Windows Common Log File System Driver in Windows operating systems, related to privilege management errors, allows a perpetrator to obtain system privileges.
The vulnerability of the Windows Common Log File System Driver in the operating system is related to privilege management errors. Exploiting this vulnerability can allow an attacker to gain system privileges...
The vulnerability of the Windows Common Log File System Driver in Windows operating systems, related to privilege management errors, allows a perpetrator to obtain system privileges.
The vulnerability of the Windows Common Log File System Driver in the operating system is related to privilege management errors. Exploiting this vulnerability can allow an attacker to gain system privileges...
CVE-2021-40467
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40466
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40467
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40466
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40443
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40443
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
Privilege escalation
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
Privilege escalation
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2021-40467 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2021-40467
CVE-2021-40467 is a Windows Common Log File System Driver elevation-of-privilege vulnerability. According to the records, it enables a local attacker to escalate privileges via the CLFS component, with high impact on confidentiality, integrity, and availability (vector: LOCAL, low attack complexi...
CVE-2021-40466
Technical details about CVE-2021-40466 (affected product/component, root cause, impact, and fixes) are not provided in the connected documents; available sources only state the vulnerability at a high level. Monitor for updates.