10 matches found
CVE-2026-41465
ProjeQtor versions 7.0 through 12.4.3 contain a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not validated against directory traversal sequences before constructing file paths. Authenticated attackers can inject directory traversal...
EUVD-2026-5173
The WP ULike plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.8.3.1. This is due to the wpulikedeletehistoryapi AJAX action not verifying that the log entry being deleted belongs to the current user. This makes it possible for...
Gin Web Framework 安全漏洞
Gin Web Framework is Gin-Gonic open source a web framework written in Go Golang. Gin Web Framework v1.6.0 before the version has a security vulnerability . Attackers can use the vulnerability to write arbitrary logs...
The vulnerability of the microprogramming software of the Cognex 3D-A1000 Dimensioning System lies in the improper processing of output data for registration logs, allowing attackers to create arbitrary log files.
The vulnerability of the microprogramming software of the Cognex 3D-A1000 Dimensioning System is related to incorrect processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor to create arbitrary log files remotely...
VMware vRealize Operations 日志信息泄露漏洞
vmware VMware vRealize Operations is an application from vmware, Inc. A unified, AI-based platform for private, hybrid, and multi-cloud environments that delivers IT operations management on autopilot. A log information disclosure vulnerability exists in Vmware vRealize Operations Manager that...
Design/Logic Flaw
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system...
CVE-2018-6222
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system...
CVE-2018-6222
The CVE-2018-6222 family covers multiple vulnerabilities in Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) found in the web console. Documented issues include: arbitrary log file locations enabling log manipulation and potential command execution (CVE-2018-6222); insecure update mechani...
CVE-2018-6222
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system...
Unspecified Vulnerability in Moodle
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in Moodle versions 2.x and 3.x. The vulnerability stem...