Ethercreative Logs vulnerabilities
2 known vulnerabilities affecting ethercreative/logs.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-23409P3MEDIUMCVSS 4.9PoCfixed in 3.0.42022-01-31
CVE-2022-23409 [MEDIUM] CWE-22 CVE-2022-23409: The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php.
nvd
CVE-2021-32752P4MEDIUMCVSS 4.9fixed in 3.0.42021-07-09
CVE-2021-32752 [MEDIUM] CWE-552 CVE-2021-32752: Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vuln
Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin
nvd