Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Meteocontrol Subscribe
Filtered by product Web\'log Light
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-2296 1 Meteocontrol 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more 2023-12-10 7.5 HIGH 9.4 CRITICAL
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
CVE-2016-2298 1 Meteocontrol 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.
CVE-2016-2297 1 Meteocontrol 4 Web\'log Basic 100, Web\'log Light, Web\'log Pro and 1 more 2023-12-10 9.7 HIGH 9.4 CRITICAL
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature."