Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting

Adiscon LogAnalyzer before 4.1.7 contains a cross-site scripting vulnerability in the 'referer' parameter of the login.php file. id: CVE-2018-19877 info: name: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting author: arafatansari severity: medium description: | Adiscon LogAnalyzer before 4.1.7...

Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php id: CVE-2023-36306 info: name: Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | A...

EUVD-2014-5957

Malware in sbrugna...

EUVD-2018-11551

Malware in sbrugna...

EUVD-2021-18622

Malware in sbrugna...

EUVD-2012-3737

Malware in sbrugna...

EUVD-2023-40276

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-19877

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field. CVE-2018-19877 Note that Nessus relies on the presence of the package ...

Linux Distros Unpatched Vulnerability : CVE-2021-31738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS. CVE-2021-31738 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2012-3790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web...

Linux Distros Unpatched Vulnerability : CVE-2023-34600

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. CVE-2023-34600 Note that Nessus relies on the presence of the package as reported by the...

CVE-2023-36306

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...

CVE-2023-34600

Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection...

CVE-2021-31738

Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS...

CVE-2012-3790

Cross-site scripting XSS vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action...

CVE-2023-36306

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...

CVE-2023-36306

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...

Cross site scripting

A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...

PT-2023-25521 · Adiscon · Loganalyzer

Name of the Vulnerable Software and Affected Versions: Adiscon LogAnalyzer versions through 4.1.13 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via the "asktheoracle.php", "details.php", "index.php", "search.php", "export.php", "reports.php", an...

CVE-2023-36306

CVE-2023-36306 affects Adiscon LogAnalyzer v4.1.13 and earlier. The vulnerability is a stored/reflected Cross-Site Scripting (XSS) that allows unauthenticated attackers to inject JavaScript via the asktheoracle.php parameter (uid), potentially stealing administrator session cookies and accessing ...