GCVE - cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Adiscon (`7683fca7-ad37-54e5-80c9-76aa82abdde7`)
Product	Loganalyzer (`e8853d19-42c0-5a13-949a-08d13f4dbff4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/loganalyzer`	purl2cpe	2026-06-01 10:13:08.066345
`pkg:deb/ubuntu/loganalyzer`	purl2cpe	2026-06-01 10:13:08.066348
`pkg:github/rsyslog/loganalyzer`	purl2cpe	2026-06-01 10:13:08.066351

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-36306`	vulnerable	2026-06-03 14:52:19.771659	Details available A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components. Published: 2023-08-08T00:00:00.000Z Updated: 2024-10-10T18:29:39.015Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/51643	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-34600`	vulnerable	2026-06-03 14:52:16.961491	Details available Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection. Published: 2023-06-20T00:00:00.000Z Updated: 2024-12-09T19:03:00.236Z Open on db.gcve.eu Reference links https://loganalyzer.adiscon.com/ https://github.com/costacoco/Adiscon/blob/main/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-19877`	vulnerable	2026-06-03 14:38:29.765168	Details available login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field. Published: 2018-12-05T21:00:00.000Z Updated: 2024-08-05T11:44:20.683Z Open on db.gcve.eu Reference links https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/ https://www.exploit-db.com/exploits/45958/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-6070`	vulnerable	2026-06-03 14:34:12.501703	Details available Multiple cross-site scripting (XSS) vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in (1) index.php or (2) detail.php. Published: 2014-09-11T14:00:00.000Z Updated: 2024-08-06T12:03:02.380Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/34525 http://packetstormsecurity.com/files/128121/LogAnalyzer-3.6.5-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2014/Sep/17 http://loganalyzer.adiscon.com/downloads/loganalyzer-3-6-6-v3-stable https://exchange.xforce.ibmcloud.com/vulnerabilities/95677	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2012-3790`	vulnerable	2026-06-03 14:32:01.551843	Details available Cross-site scripting (XSS) vulnerability in index.php in Adiscon LogAnalyzer before 3.4.4 and 3.5.x before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter in a Search action. Published: 2012-06-20T15:00:00.000Z Updated: 2024-09-16T19:51:46.535Z Open on db.gcve.eu Reference links http://secpod.org/advisories/SecPod_LogAnalyzer_XSS_Vuln.txt http://loganalyzer.adiscon.com/security-advisories/loganalyzer-cross-site-scripting-vulnerability-in-highlight-parameter http://loganalyzer.adiscon.com/downloads/loganalyzer-3-4-4-v3-stable http://loganalyzer.adiscon.com/downloads/loganalyzer-v3-5-5-v3-beta http://secpod.org/blog/?p=504	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.