6 matches found
CVE-2018-19877
CVE-2018-19877 affects Adiscon LogAnalyzer prior to 4.1.7. The vulnerability is a Cross-Site Scripting (XSS) in the login.php file, exploitable via the Login Button Referer field. The underlying issue is an XSS in the referer parameter of login.php, allowing execution of malicious scripts in the ...
CVE-2023-34600
CVE-2023-34600 affects Adiscon LogAnalyzer v4.1.13 and earlier, vulnerable to SQL Injection. The connected documents identify the affected software and the vulnerability class but do not provide concrete patch/version remediation details. No explicit exploitation status is given beyond the vulner...
CVE-2023-36306
CVE-2023-36306 affects Adiscon LogAnalyzer v4.1.13 and earlier. The vulnerability is a stored/reflected Cross-Site Scripting (XSS) that allows unauthenticated attackers to inject JavaScript via the asktheoracle.php parameter (uid), potentially stealing administrator session cookies and accessing ...
CVE-2014-6070
Summary (CVE-2014-6070): Adiscon LogAnalyzer prior to 3.6.6 is affected by cross-site scripting (XSS) via the hostname field used in index.php and detail.php. The root cause is improper sanitization of the hostname retrieved from log files, allowing an attacker to inject arbitrary HTML/JavaScript...
CVE-2012-3790
CVE-2012-3790 is an XSS vulnerability in Adiscon LogAnalyzer. The affected software is LogAnalyzer, specifically versions before 3.4.4 and 3.5.x before 3.5.5, where a cross-site scripting flaw can be triggered via the highlight parameter in the index.php Search action. The underlying issue allows...
CVE-2021-31738
Adiscon LogAnalyzer 4.1.10 and 4.1.11 are affected by a login.php XSS vulnerability. The connected documents identify this as a cross-site scripting issue in the login page but do not provide attack details, affected versions beyond 4.1.10/4.1.11, root cause, exploitation status, or a patch. Moni...