Vulnerabilities > Emlog > Emlog > 2.1.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2023-41619 | Cross-site Scripting vulnerability in Emlog 2.1.14 Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write. | 6.1 |
2023-12-14 | CVE-2023-41618 | Cross-site Scripting vulnerability in Emlog 2.1.14 Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin/article.php?active_savedraft. | 6.1 |
2023-12-13 | CVE-2023-41621 | Cross-site Scripting vulnerability in Emlog 2.1.14 A Cross Site Scripting (XSS) vulnerability was discovered in Emlog Pro v2.1.14 via the component /admin/store.php. | 6.1 |
2023-12-12 | CVE-2023-41623 | SQL Injection vulnerability in Emlog 2.1.14 Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php. | 7.2 |
2023-10-02 | CVE-2023-43267 | Cross-site Scripting vulnerability in Emlog 2.1.14 A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field. | 5.4 |
2022-11-13 | CVE-2022-3968 | Cross-site Scripting vulnerability in Emlog A vulnerability has been found in emlog and classified as problematic. | 6.1 |