CVE-2018-19513

Name of the Vulnerable Software and Affected Versions Webgalamb versions prior to 7.0

Description The issue concerns the exposure of log files to the internet, potentially containing sensitive client data such as email addresses. This exposure also facilitates the exploitation of SQL injection errors. The log files are stored with predictable filenames, making them easily accessible.

Recommendations For versions prior to 7.0, restrict access to the log files to prevent exposure of sensitive data and potential exploitation of SQL injection errors. Consider implementing proper access controls and secure storage for log files until a fixed version is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.