olajowon

5 exploits Active since Feb 2025
CVE-2025-26047 GITEE MEDIUM python
Loggrove v1.0 - SQL Injection in read.py
Loggrove v1.0 is vulnerable to SQL Injection in the read.py file.
4 stars
CVSS 5.1
CVE-2025-26014 GITEE CRITICAL python
Loggrove 1.0 - Remote Code Execution via Path Parameter
A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute arbitrary code via the path parameter.
4 stars
CVSS 9.8
CVE-2025-26013 GITEE HIGH python
Loggrove 1.0 - Sensitive Information Exposure via read.py Component
An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read.py component.
4 stars
CVSS 8.2
CVE-2025-1229 GITEE MEDIUM python
olajowon Loggrove - OS Command Injection via Path Argument
A vulnerability classified as critical was found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected by this vulnerability is an unknown functionality of the file /read/?page=1&logfile=eee&match=. The manipulation of the argument path leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
4 stars
CVSS 6.3
CVE-2025-1228 GITEE MEDIUM python
Loggrove <e428fac38cc480f011afcb1d8ce6c2bad378ddd6 - Path Traversal
A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file /read/?page=1&logfile=LOG_Monitor of the component Logfile Update Handler. The manipulation of the argument path leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
4 stars
CVSS 4.3