CVE-2018-19513

In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames. The log file could contain sensitive client data (email addresses) and also facilitates exploitation of SQL injection errors.
Configurations

Configuration 1

cpe:2.3:a:ens:webgalamb:*:*:*:*:*:*:*:*

Information

Published : 2019-03-21 04:00

Updated : 2019-03-22 04:34


NVD link : CVE-2018-19513

Mitre link : CVE-2018-19513

Products Affected
No products.
CWE
CWE-532

Insertion of Sensitive Information into Log File