CVE-2019-9734

Name of the Vulnerable Software and Affected Versions Aquarius CMS versions prior to 4.3.6

Description The issue allows Aquarius CMS to write POST and GET parameters, including passwords, to a log file due to an overwriting of configuration parameters under certain circumstances.

Recommendations For versions prior to 4.3.6, update to version 4.3.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the log files to minimize the risk of sensitive information exposure.