📦 Logstare Collector

This vulnerability allows attackers to execute arbitrary code by exploiting an uncontrolled search path element in the LogStare Collector installer for Windows. When a user runs the installer, malicio...

LogStare Collector's installation directory has insecure permissions allowing non-admin users to modify files. This enables privilege escalation where attackers can execute arbitrary code with adminis...

LogStare Collector has a stored XSS vulnerability in its UserManagement feature where malicious user information can execute arbitrary scripts in victims' browsers when they access the management page...

LogStare Collector has an incorrect authorization vulnerability in UserRegistration that allows non-administrative users to create new accounts via crafted HTTP requests. This affects all LogStare Col...

A cross-site request forgery (CSRF) vulnerability in LogStare Collector allows attackers to trick authenticated users into performing unintended operations. When logged-in users visit malicious web pa...

LogStare Collector contains an information disclosure vulnerability where administrative users can access other users' password hashes. This affects all LogStare Collector deployments with administrat...