This page lists publicly disclosed CVE vulnerabilities affecting aquaverde aquarius_cms (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2019-1010308 | Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Incorrect Access Control. The impact is: The access to the log file is not restricted. It contains sensitive information like passwords etc. The component is: log file. The attack vector is: open the file. | [email protected] | 9.8 | 1.59% | 2019-07-15 | 2026-06-16 |
| CVE-2019-9734 | Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file due to an overwriting of configuration parameters under certain circumstances. | [email protected] | 7.5 | 1.64% | 2019-04-24 | 2026-06-16 |
| CVE-2019-9724 | aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component. | [email protected] | 7.5 | 1.41% | 2019-04-24 | 2026-06-16 |