Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9724 | 1 Aquaverde | 1 Aquarius Cms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component. | |||||
CVE-2019-1010308 | 1 Aquaverde | 1 Aquarius Cms | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file. | |||||
CVE-2019-9734 | 1 Aquaverde | 1 Aquarius Cms | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file due to an overwriting of configuration parameters under certain circumstances. |