Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-2296 | 1 Meteocontrol | 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more | 2017-09-06 | 7.5 HIGH | 9.4 CRITICAL |
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | |||||
CVE-2016-2297 | 1 Meteocontrol | 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more | 2016-11-29 | 9.7 HIGH | 9.4 CRITICAL |
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature." | |||||
CVE-2016-2298 | 1 Meteocontrol | 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more | 2016-11-29 | 10.0 HIGH | 9.8 CRITICAL |
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors. |