Logontracer

logontracer

Vendor: Jpcert • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-33566 1Jpcert 1Logontracer Apr 28, 2026 Apr 27, 2026 5.1 MEDIUM· v4 4.3 MEDIUM· v3 N/A· v2 There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
CVE-2026-33277 1Jpcert 1Logontracer Apr 28, 2026 Apr 27, 2026 8.7 HIGH· v4 8.8 HIGH· v3 N/A· v2 An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
CVE-2018-16168 1Jpcert 1Logontracer Nov 21, 2024 Jan 9, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
CVE-2018-16167 1Jpcert 1Logontracer Nov 21, 2024 Jan 9, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-16166 1Jpcert 1Logontracer Nov 21, 2024 Jan 9, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2018-16165 1Jpcert 1Logontracer Nov 21, 2024 Jan 9, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.