Vulnerabilities > Jpcert > Logontracer

DATE CVE VULNERABILITY TITLE RISK
2019-01-09 CVE-2018-16168 Code Injection vulnerability in Jpcert Logontracer
LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
network
low complexity
jpcert CWE-94
critical
 9.8
9.8
2019-01-09 CVE-2018-16167 OS Command Injection vulnerability in Jpcert Logontracer
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
network
low complexity
jpcert CWE-78
critical
 9.8
9.8
2019-01-09 CVE-2018-16166 XXE vulnerability in Jpcert Logontracer
LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
network
low complexity
jpcert CWE-611
8.8
8.8
2019-01-09 CVE-2018-16165 Cross-site Scripting vulnerability in Jpcert Logontracer
Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
jpcert CWE-79
6.1
6.1