← Back

Klogserver

klogserver

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Klog Server
klog_server
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-3317
1Klogserver
1Klog Server
Nov 21, 2024
Jan 26, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVE-2020-35729
1Klogserver
1Klog Server
Nov 21, 2024
Dec 27, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.