4561 matches found
Design/Logic Flaw
In cPanel before 66.0.2, weak log-file permissions can occur after account modification SEC-289...
CVE-2017-18427
In cPanel before 66.0.2, weak log-file permissions can occur after account modification SEC-289...
CVE-2017-18427
CVE-2017-18427 affects cPanel prior to 66.0.2, where weak log-file permissions can occur after account modification (SEC-289). The issue has been documented in Red Hat and NVD entries with a low severity (CVSS v3: 3.3; v2: 2.1) and a Partial confidentiality impact. Remediation is to apply the pat...
CVE-2016-10819
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd SEC-125...
CVE-2016-10818
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup SEC-124...
CVE-2016-10817
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file SEC-123...
CVE-2016-10819
In cPanel before 57.9999.54, user log files become world-readable when rotated by cpanellogd SEC-125...
CVE-2016-10818
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup SEC-124...
Sql injection
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file SEC-123...
Design/Logic Flaw
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup SEC-124...
CVE-2016-10817
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file SEC-123...
CVE-2016-10818
CVE-2016-10818 affects cPanel before 57.9999.54, where log-file permissions are incorrectly set in dnsadmin-startup and spamd-startup (SEC-124). The issue is tied to startup scripts in these components; no exploitation details are provided in the available documents. The NVD entry lists CVSS scor...
CVE-2016-10818
cPanel before 57.9999.54 incorrectly sets log-file permissions in dnsadmin-startup and spamd-startup SEC-124...
PT-2019-13304 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.840 Description: The issue allows attackers to enumerate users and check for active users of the application by reading /tmp/login.log, potentially exposing file and directory information. Recommendations: For...
CVE-2019-11230
In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename...
CVE-2019-1010308
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...
CVE-2019-1010308
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...
Open redirect
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...
CVE-2019-1010308
Aquaverde Aquarius CMS prior to version 4.1.1 is affected by Incorrect Access Control, enabling access to the log file without restriction. The vulnerability stems from improper access controls on log files and could disclose sensitive data such as passwords. Affected component: log file. Attack ...
CVE-2019-1010308
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file...