4 matches found
CVE-2022-23409
creationtimestamp| type| source ---|---|--- 2025-04-16 09:33:03+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3lmwbwf7wz32i 2025-04-17 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lmzyvy34xv2x...
Ethercreative Logs 3.0.3 - Path Traversal
Exploit Title: Ethercreative Logs 3.0.3 - Path Traversal Date: 2022.01.26 Exploit Author: Steffen Rogge, SC Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerability Lab An...
Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated)
Exploit Title: Craft CMS Logs Plugin 3.0.3 - Path Traversal Authenticated Date: 2022.01.26 Exploit Author: Steffen Rogge Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerabili...
CVE-2022-23409
CVE-2022-23409 concerns the Craft CMS Logs plugin (Ethercreative Logs) prior to version 3.0.4. Root cause: path traversal through input to actionStream in Controller.php, enabling remote attackers to read arbitrary files. Affected: Logs plugin for Craft CMS, versions before 3.0.4. Impact: unautho...