juzaweb CMS Access Control Vulnerability in Error Logs Page

Vulnerability

A critical vulnerability has been identified in juzaweb CMS versions through 3.4.2, specifically within the Error Logs Page component located at /admin-cp/log-viewer. This vulnerability arises from improper access controls, allowing remote exploitation. The issue has been publicly disclosed, and the vendor has not responded to initial notifications.

Impact

Exploitation of this vulnerability allows for unauthorized access to the error logs, potentially leading to information disclosure or further exploitation.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

6.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

6.8

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

juzaweb CMS Access Control Vulnerability in Error Logs Page

Vulnerability

Impact

Affected Products

juzaweb CMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating