← Back

Weblog Expert

weblog_expert

Vendor: Weblogexpert • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-7582
1Weblogexpert
1Weblog Expert
Nov 21, 2024
Mar 9, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.
CVE-2018-7581
1Weblogexpert
1Weblog Expert
Nov 21, 2024
Mar 9, 2018
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.