Secuavail
secuavail
6 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer. |
LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes. |
1Secuavail 1Logstare Collector Dec 2, 2025 Nov 21, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 N/A· v2 Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations may be performed. |
1Secuavail 1Logstare Collector Dec 4, 2025 Nov 21, 2025 5.3 MEDIUM· v4 4.3 MEDIUM· v3 N/A· v2 LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create a new user account by sending a crafted HTTP request. |
1Secuavail 1Logstare Collector Dec 5, 2025 Nov 21, 2025 4.8 MEDIUM· v4 5.4 MEDIUM· v3 N/A· v2 LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitrary script may be executed on the web browser of the user who logs in to the prod...Show more |
The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the admin...Show more |