VYPR

Logontracer

by Jpcert

CVEs (5)

  • CVE-2026-33277HigApr 27, 2026
    risk 0.57cvss 8.8epss 0.01

    An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.

  • CVE-2026-33566MedApr 27, 2026
    risk 0.28cvss 4.3epss 0.00

    There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.

  • CVE-2018-16167Jan 9, 2019
    risk 0.10cvss epss 0.75

    LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

  • CVE-2018-16165Jan 9, 2019
    risk 0.00cvss epss 0.01

    Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2018-16166Jan 9, 2019
    risk 0.00cvss epss 0.02

    LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.