442 matches found
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
Summary The httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through the Pimcore backend. Details It’s better to remove both lines, as this information make...
CVE-2026-23493 Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...
EUVD-2026-2729
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...
CVE-2026-23493
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...
CVE-2026-23493 Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through t...
Pimcore security vulnerabilities
Pimcore is an open-source web content management platform developed by the Austrian company Pimcore. This platform integrates applications such as web content management, e-commerce frameworks, and product information management. Versions of Pimcore prior to 12.3.1 and 11.5.14 contained security...
CVE-2022-50721
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prepslavesg The calling convention for preslavesg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error occur...
WordPress Error Log Viewer by BestWebSoft plugin <= 1.1.6 - Authenticated (Administrator+) Arbitrary File Read vulnerability
Authenticated Administrator+ Arbitrary File Read vulnerability discovered by Duc Manh in WordPress Plugin Error Log Viewer by BestWebSoft versions = 1.1.6...
CVE-2025-9950
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwrgetfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of...
EUVD-2025-33846
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwrgetfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of...
CVE-2025-9950
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwrgetfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of...
CVE-2025-9950 Error Log Viewer by BestWebSoft <= 1.1.6 - Authenticated (Administrator+) Arbitrary File Read
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwrgetfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of...
CVE-2025-9950
The CVE-2025-9950 issue affects the Error Log Viewer by BestWebSoft for WordPress. It is a directory traversal vulnerability exploitable by authenticated administrators (and above) to read arbitrary files via the rrrlgvwr_get_file function. The vulnerability affects versions up to 1.1.6. The issu...
CVE-2025-9950 Error Log Viewer by BestWebSoft <= 1.1.6 - Authenticated (Administrator+) Arbitrary File Read
The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.6 via the rrrlgvwrgetfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of...
WordPress plugin Error Log Viewer by BestWebSoft 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
PT-2025-41683
Name of the Vulnerable Software and Affected Versions Error Log Viewer by BestWebSoft plugin for WordPress versions up to and including 1.1.6 Description The Error Log Viewer by BestWebSoft plugin for WordPress is susceptible to Directory Traversal. This allows authenticated attackers with...
EUVD-2011-4536
Malware in sbrugna...
EUVD-2012-0862
Malware in sbrugna...
EUVD-2019-13646
Malware in sbrugna...
EUVD-2017-10450
Malware in sbrugna...