Vulnerabilities > Emlog > Emlog > 2.2.6

DATE CVE VULNERABILITY TITLE RISK
2025-03-28 CVE-2025-30372 SQL Injection vulnerability in Emlog
Emlog is an open source website building system.
network
low complexity
emlog CWE-89
critical
 9.8
9.8
2024-12-21 CVE-2024-12846 Cross-site Scripting vulnerability in Emlog
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
4.8
4.8
2024-12-20 CVE-2024-12845 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12843 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12844 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12841 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-11-15 CVE-2024-50655 Cross-site Scripting vulnerability in Emlog
emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles.
network
low complexity
emlog CWE-79
5.4
5.4
2022-11-13 CVE-2022-3968 Cross-site Scripting vulnerability in Emlog
A vulnerability has been found in emlog and classified as problematic.
network
low complexity
emlog CWE-79
6.1
6.1
2019-10-01 CVE-2019-17073 Path Traversal vulnerability in Emlog
emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.
network
low complexity
emlog CWE-22
6.5
6.5
2019-09-25 CVE-2019-16868 Path Traversal vulnerability in Emlog
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.
network
low complexity
emlog CWE-22
critical
 9.8
9.8