5 matches found
EUVD-2011-4851
Malware in sbrugna...
PT-2025-29546 · Matomo · Matomo
Name of the Vulnerable Software and Affected Versions: Matomo versions prior to 3.0.3 Description: An authenticated remote code execution issue exists in Matomo due to the plugin upload mechanism. An authenticated user with Superuser privileges can upload and activate a malicious plugin ZIP...
CVE-2019-12215
A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...
CVE-2019-12215
A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...
CVE-2019-12215
A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...