Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

olajowon

Source -

CNANVD

BOS Name -

N/A

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated ProductsRelated AssignersReports
5Vulnerabilities found
CVE-2025-26047
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-28 Feb, 2025 | 00:00
Updated-12 Jun, 2025 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Loggrove v1.0 is vulnerable to SQL Injection in the read.py file.

Action-Not Available
Vendor-olajowonn/a
Product-loggroven/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-26013
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.10% / 27.28%
||
7 Day CHG~0.00%
Published-21 Feb, 2025 | 00:00
Updated-13 Jun, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read.py component.

Action-Not Available
Vendor-olajowonn/a
Product-loggroven/a
CWE ID-CWE-540
Inclusion of Sensitive Information in Source Code
CVE-2025-26014
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 74.47%
||
7 Day CHG~0.00%
Published-21 Feb, 2025 | 00:00
Updated-13 Jun, 2025 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute arbitrary code via the path parameter.

Action-Not Available
Vendor-olajowonn/a
Product-loggroven/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2025-1229
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.80% / 73.18%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 22:00
Updated-13 Feb, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
olajowon Loggrove page os command injection

A vulnerability classified as critical was found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected by this vulnerability is an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the argument path leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

Action-Not Available
Vendor-olajowon
Product-Loggrove
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-1228
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.98%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 21:31
Updated-13 Feb, 2025 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
olajowon Loggrove Logfile Update page path traversal

A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1&logfile=LOG_Monitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.

Action-Not Available
Vendor-olajowon
Product-Loggrove
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')