Vulnerabilities (CVE)

Filtered by vendor Weblogexpert Subscribe
Filtered by product Weblog Expert
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-7582 1 Weblogexpert 1 Weblog Expert 2024-02-04 5.0 MEDIUM 7.5 HIGH
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.
CVE-2018-7581 1 Weblogexpert 1 Weblog Expert 2024-02-04 4.6 MEDIUM 7.8 HIGH
\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.