CVE-2014-8940: Infoleak
First published: Mon Jun 01 2020(Updated: )
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Piwigo Lexiglot | <=2014-11-20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Lexiglot?
The vulnerability ID of Lexiglot is CVE-2014-8940.
What is the severity of CVE-2014-8940?
The severity of CVE-2014-8940 is medium with a severity value of 5.3.
How does CVE-2014-8940 impact Lexiglot?
CVE-2014-8940 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.
Which software versions are affected by CVE-2014-8940?
The Lexiglot software versions up to and including 2014-11-20 are affected by CVE-2014-8940.
Is there any available fix for CVE-2014-8940?
It is recommended to update to a newer version of Lexiglot that includes a fix for CVE-2014-8940.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/piwigo
- canonical/piwigo lexiglot
- version/piwigo lexiglot/2014-11-20