Vulnerabilidades en LogStare Inc.
6 resultadosCVE-2025-64299MEDIUMLogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.EPSS 0.2%CVE-2025-62189MEDIUMLogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may createEPSS 0.2%CVE-2025-61949MEDIUMLogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an arbitraEPSS 0.1%CVE-2025-64695HIGHUncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be execEPSS 0.1%CVE-2025-62687MEDIUMCross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations maEPSS 0.1%CVE-2025-58097MEDIUMThe installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate fEPSS 0.1%