5 matches found
EUVD-2009-0374
Malware in sbrugna...
EUVD-2021-1570
Malware in sbrugna...
Design/Logic Flaw
Shopware is an open source eCommerce platform. Versions prior to 6.4.3.1 contain a vulnerability involving an insecure direct object reference of log files of the Import/Export feature. Version 6.4.3.1 contains a patch. As workarounds for older versions of 6.1, 6.2, and 6.3, corresponding securit...
Ogaki Kyoritsu bank Smartphone Passbook for Android Information Disclosure Vulnerability
Ogaki Kyoritsu bank Smartphone Passbook is a suite of mobile banking passbook applications from Ogaki Kyoritsu Bank Corporation in Japan. Ogaki Kyoritsu bank Smartphone Passbook fails to securely create log files containing sensitive data, allowing an attacker to exploit vulnerabilities to obtain...
Design/Logic Flaw
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...