cbcvebase.

Adiscon Loganalyzer vulnerabilities

6 known vulnerabilities affecting adiscon/loganalyzer.

Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM5

Vulnerabilities

Page 1 of 1
CVE-2023-34600P2CRITICALCVSS 9.8≤ 4.1.132023-06-20
CVE-2023-34600 [CRITICAL] CWE-89 CVE-2023-34600: Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.
nvd
CVE-2018-19877P3MEDIUMCVSS 6.1PoCfixed in 4.1.72018-12-05
CVE-2018-19877 [MEDIUM] CWE-79 CVE-2018-19877: login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field. login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field.
nvd
CVE-2023-36306P3MEDIUMCVSS 6.1PoC≤ 4.1.132023-08-08
CVE-2023-36306 [MEDIUM] CWE-79 CVE-2023-36306: A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a rem A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components.
nvd
CVE-2014-6070P4MEDIUMCVSS 4.3PoC≤ 3.6.5v3.6.0+4 more2014-09-11
CVE-2014-6070 [MEDIUM] CWE-79 CVE-2014-6070: Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php.
nvd
CVE-2021-31738P4MEDIUMCVSS 6.1v4.1.10v4.1.112021-06-08
CVE-2021-31738 [MEDIUM] CWE-79 CVE-2021-31738: Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS. Adiscon LogAnalyzer 4.1.10 and 4.1.11 allow login.php XSS.
nvd
CVE-2012-3790P4MEDIUMCVSS 4.3≤ 3.4.3v3.2.0+12 more2012-06-20
CVE-2012-3790 [MEDIUM] CWE-79 CVE-2012-3790: Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action.
nvd
Adiscon Loganalyzer vulnerabilities | cvebase