Lucene search
K

7 matches found

NVD
NVD
added 2025/10/06 7:15 a.m.9 views

CVE-2025-58580

An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example...

6.5CVSS0.00333EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/06 6:49 a.m.5 views

EUVD-2025-32499

An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example...

6.5CVSS6.5AI score0.00333EPSS
Exploits0References7
OSV
OSV
added 2025/07/30 1:18 p.m.3 views

GHSA-3WWM-HJV7-23R3 Pyload log Injection via API /json/add_package in add_name parameter

Summary A log injection vulnerability was identified in pyload in API /json/addpackage. This vulnerability allows user with add packages permission to inject arbitrary messages into the logs gathered by pyload. Details pyload will generate a log entry when creating new package using API...

4.3CVSS7.3AI score
Exploits0References3
NVD
NVD
added 2015/06/09 2:59 p.m.23 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.5AI score0.09978EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2015/06/09 2:59 p.m.43 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.2AI score0.09978EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2015/06/09 2:0 p.m.21 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.7AI score0.09978EPSS
Exploits1
FreeBSD
FreeBSD
added 2015/05/25 12:0 a.m.131 views

lighttpd -- Log injection vulnerability in mod_auth

MITRE reports: modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.8AI score0.09978EPSS
Exploits1References1
Rows per page
Query Builder