Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23409 | 1 Ethercreative | 1 Logs | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php. | |||||
CVE-2021-32752 | 1 Ethercreative | 1 Logs | 2024-11-21 | 4.0 MEDIUM | 7.2 HIGH |
Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access. |