Klogserver Klog Server vulnerabilities
2 known vulnerabilities affecting klogserver/klog_server.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-35729P1CRITICALCVSS 9.8PoCv2.4.12020-12-27
CVE-2020-35729 [CRITICAL] CWE-78 CVE-2020-35729: KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.p
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
nvd
CVE-2021-3317P2HIGHCVSS 8.8PoC≤ 2.4.12021-01-26
CVE-2021-3317 [HIGH] CWE-78 CVE-2021-3317: KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on th
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
nvd