Klogserver: >> Klog Server Security Vulnerabilities
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVSS Score
8.8
EPSS Score
0.212
Published
2021-01-26
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
CVSS Score
9.8
EPSS Score
0.926
Published
2020-12-27