CVE-2024-12008

The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For exampl...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2024-12008 W3 Total Cache <= 2.8.1 Information Exposure via Log Files

The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For exampl...

CVE-2024-12008 W3 Total Cache <= 2.8.1 Information Exposure via Log Files

The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unauthenticated attackers to view potentially sensitive information in the exposed log file. For exampl...

CVE-2024-12008

CVE-2024-12008 (W3 Total Cache for WordPress) is described in connected Red Hat documentation as a vulnerability to Information Exposure in all versions up to and including 2.8.1, exposed via the publicly accessible debug log file. The issue allows unauthenticated attackers to view potentially se...

CVE-2024-20440

CVE-2024-20440 affects Cisco Smart Licensing Utility (CSLU). An unauthenticated, remote attacker can access sensitive information due to excessive verbosity in a debug log file. Exploitation involves sending a crafted HTTP request to an affected device, potentially exposing log files containing c...

IP2Location Country Blocker < 2.33.4 - Unauthenticated Sensitive Information Exposure via Debug Log File

Description The IP2Location Country Blocker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.33.3 via ip2location-country-blocker.php. This makes it possible for unauthenticated attackers to extract sensitive data including debug...

Information disclosure

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

CVE-2023-5028

CVE-2023-5028 affects China Unicom TEWA-800G, version 4.16L.04_CT2015_Yueme. The issue is an information exposure through a debug log file that can be triggered on the physical device. Sources consistently describe the vulnerability as affecting an unknown functionality and note a relatively high...

CVE-2023-5028 China Unicom TEWA-800G debug log file

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

CVE-2023-5028 China Unicom TEWA-800G debug log file

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04CT2015Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

Remote code execution

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability...

CVE-2021-37759

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges to the access level of the leaked session ID...

CVE-2021-37759

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges to the access level of the leaked session ID...

CVE-2021-37759

Graylog prior to 4.1.2 is affected by a Session ID leak in the DEBUG log file that allows an attacker to escalate privileges to the leaked session ID. Affected product: Graylog (before 4.1.2). Root cause: leakage of session IDs via DEBUG logs. Impact: potential privilege elevation with the leaked...

CVE-2020-35234

The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020. If an attacker can list the wp-content/plugins/easy-wp-smtp/ directory, then they can discover a log file such as debuglog.txt that contains all password-reset link...

CVE-2019-3763

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...