CVE-2023-53905

ProjectSend r1605 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into user profile names. Attackers can craft payloads like =calc|a!z| in the name field to trigger code execution when administrators export action logs as CSV files...

Linux Distros Unpatched Vulnerability : CVE-2018-10889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. No option existed to omit logs from data privacy exports, which may contain details of other use...

CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

VulnCheck KEV: CVE-2022-48164

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

SUSE CVE-2023-5003

The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...

CVE-2023-4269

The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses...

WordPress plugin User Activity Log security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability in the WordPress plugin Us...

CVE-2022-48164

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

WAVLINK WL-WN533A8 安全漏洞

WAVLINK WL-WN533A8 is a router from China's RuiYin Technology WAVLINK. The WAVLINK WL-WN533A8 suffers from an Access Control Issue vulnerability that originates from improper access control in the component /cgi-bin/ExportLogs.sh, which can be exploited by an attacker to download configuration da...

CVE-2022-48165

An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials...

WAVLINK WL-WN530H4 安全漏洞

WAVLINK WL-WN530H4 is a router from China RuiYin Technology WAVLINK. A security vulnerability exists in WAVLINK WL-WN530H4 M30H4.V5030.210121 version, which originates from an access control issue in the component /cgi-bin/ExportLogs.sh, and can be exploited by an attacker to download configurati...

PT-2023-15598 · Wavlink · Wavlink Wl-Wn530Hg4

Name of the Vulnerable Software and Affected Versions: Wavlink WL-WN530H4 M30H4.V5030.210121 Description: The issue is related to an access control problem in the "/cgi-bin/ExportLogs.sh" component, allowing unauthenticated attackers to download configuration data, log files, and obtain admin...

How to export logs using App Layering 2204 or higher

Walk-through the new export logs steps...

CVE-2021-24696

The Simple Download Monitor WordPress plugin before 3.9.9 does not enforce nonce checks, which could allow attackers to perform CSRF attacks to 1 make admins export logs to exploit a separate log disclosure vulnerability fixed in 3.9.6, 2 delete logs fixed in 3.9.9, 3 remove thumbnail image from...

Simple Download Monitor < 3.9.9 - Multiple CSRF

The plugin does not enforce nonce checks, which could allow attackers to perform CSRF attacks to 1 make admins export logs to exploit a separate log disclosure vulnerability fixed in 3.9.6, 2 delete logs fixed in 3.9.9, 3 remove thumbnail image from downloads PoC To export logs which could then b...

How to export log files from the Citrix Enterprise Layer Manager (ELM)

NOTE: These steps apply to AL prior to 2204. See CTX463786 for the new interface steps You can export logs for your Citrix Enterprise Layer Manager ELM, and send them to the Citrix Support. This article explains what log files are available for export, and which log files are useful for what kind...

How to Collect Logs for Veeam ONE

Purpose This article documents the process for gathering diagnostic logging from Veeam ONE. Solution Collecting Veeam ONE Logs 1. Open the Veeam ONE Settings Utility Run: C:\Program Files\Common Files\Veeam\Veeam ONE Settings\VeeamOneSettings.exe 2. In the lower-left corner, clickExport Logs 3. Y...