A vulnerability classified as critical was found in concrete5 up to 8.5.5. This vulnerability affects the function Logging::update_logging of the file controllers/single_page/dashboard/system/environment/logging.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
concrete5 up to 8.5.5 logging.php Logging::update_logging logFile deserialization
- Virtual Patching
- July 30, 2021
- 7:06 pm
- Virtual Patching
- July 30, 2021
- 7:06 pm
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-37452 : EXIM UP TO 4.94 ALIAS LIST HOST.C HOST_NAME_LOOKUP SENDER_HOST_NAME HEAP-BASED OVERFLOW
Description Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is
CVE-2022-27535 : KASPERSKY VPN SECURE CONNECTION UP TO 21.5 ON WINDOWS DENIAL OF SERVICE
Description Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of
CVE-2022-32965 : OMICARD EDM HARD-CODED CREDENTIALS
Description OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized