Vulnerabilities > Emlog

DATE CVE VULNERABILITY TITLE RISK
2024-05-17 CVE-2024-5043 Unspecified vulnerability in Emlog 2.3.4
A vulnerability was found in Emlog Pro 2.3.4 and classified as critical.
network
low complexity
emlog
8.8
8.8
2024-05-17 CVE-2024-5044 Unspecified vulnerability in Emlog 2.3.4
A vulnerability was found in Emlog Pro 2.3.4.
network
high complexity
emlog
8.1
8.1
2024-04-14 CVE-2024-3763 Unspecified vulnerability in Emlog 2.2.10
A vulnerability was found in Emlog Pro 2.2.10.
network
low complexity
emlog
5.4
5.4
2024-04-14 CVE-2024-3762 Unspecified vulnerability in Emlog 2.2.10
A vulnerability was found in Emlog Pro 2.2.10.
network
low complexity
emlog
5.4
5.4
2024-01-16 CVE-2023-41619 Cross-site Scripting vulnerability in Emlog 2.1.14
Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.
network
low complexity
emlog CWE-79
6.1
6.1
2023-12-14 CVE-2023-41618 Cross-site Scripting vulnerability in Emlog 2.1.14
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin/article.php?active_savedraft.
network
low complexity
emlog CWE-79
6.1
6.1
2023-12-13 CVE-2023-41621 Cross-site Scripting vulnerability in Emlog 2.1.14
A Cross Site Scripting (XSS) vulnerability was discovered in Emlog Pro v2.1.14 via the component /admin/store.php.
network
low complexity
emlog CWE-79
6.1
6.1
2023-12-12 CVE-2023-41623 SQL Injection vulnerability in Emlog 2.1.14
Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php.
network
low complexity
emlog CWE-89
7.2
7.2
2023-10-03 CVE-2023-44973 Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 2.2.0
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
emlog CWE-434
critical
 9.8
9.8
2023-10-03 CVE-2023-44974 Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 2.2.0
An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
emlog CWE-434
critical
 9.8
9.8