76 matches found
CVE-2020-24038
myFax version 229 logs sensitive information in the export log module which allows any user to access critical information...
CVE-2020-24038
CVE-2020-24038 affects myFax version 229, where the export log module logs sensitive information, enabling access to critical data by any user. The Red Hat, CNVD, CNNVD and related records corroborate an information disclosure flaw rooted in the export logging, resulting in exposure of sensitive ...
MyFax 日志信息泄露漏洞
myFax is a software application. A complete fax solution for the Internet. A security vulnerability exists in myFax that stems from version 229 of myFax logging sensitive information in the export log module, which can be exploited by an attacker to access critical information...
GHSA-H58V-C6RF-G9F7 Cross site scripting in the system log
Impact It is possible to inject code into the tllog table that will be executed in the browser when the system log is called in the back end. Patches Update to Contao 4.9.16 or 4.11.5. Workarounds Disable the system log module in the back end for all users especially admin users. References...
SECUDOS DOMOS Log Module Cross-Site Scripting Vulnerability
SECUDOS DOMOS is an operating system for IoT devices from SECUDOS Germany. log is one of the logging modules. A cross-site scripting vulnerability exists in the Log module in SECUDOS DOMOS versions prior to 5.6. The vulnerability stems from the lack of proper validation of client-side data in the...
CVE-2019-18664
The Log module in SECUDOS DOMOS before 5.6 allows XSS...
CVE-2019-18665
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...
CVE-2019-18665
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...
CVE-2019-18664
The Log module in SECUDOS DOMOS before 5.6 allows XSS...
Design/Logic Flaw
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...
Cross site scripting
The Log module in SECUDOS DOMOS before 5.6 allows XSS...
CVE-2019-18664
The Log module in SECUDOS DOMOS before 5.6 allows XSS...
CVE-2019-18664
The affected software is SECUDOS DOMOS, specifically the Log module. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Log module prior to version 5.6, arising from insufficient validation of client-side data in the web application. Impact is client-side code execution within the affe...
CVE-2019-18665
SECUDOS DOMOS (before 5.6) is affected by CVE-2019-18665 via the Log module, enabling Local File Inclusion. Multiple sources confirm an LFI exists in the Log module that could let an attacker read arbitrary server files. Impact is read access to sensitive files; no exploitation details are provid...
CVE-2019-18665
The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion...
Cross site scripting in the system log
Date : 2018-04-18 CVE ID : CVE-2018-10125 Description With a manipulated request, an attacker can implant a script which is executed when a logged in back end user opens the system log. The attacker does not have to be logged in. Affected versions Contao 3. up to 3.5.33 Contao 4.0 Contao 4.1 Cont...