Vulnerabilities > Emlog

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-13	CVE-2022-3968	Cross-site Scripting vulnerability in Emlog A vulnerability has been found in emlog and classified as problematic. network low complexity emlog CWE-79	6.1
2022-11-03	CVE-2022-43372	Cross-site Scripting vulnerability in Emlog 1.7.1 Emlog Pro v1.7.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /admin/store.php. network low complexity emlog CWE-79	4.8
2022-10-21	CVE-2022-42189	Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 1.6.0 Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability. network low complexity emlog CWE-434	7.2
2022-04-29	CVE-2022-1526	Cross-site Scripting vulnerability in Emlog A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. network low complexity emlog CWE-79	5.4
2022-02-04	CVE-2022-23379	SQL Injection vulnerability in Emlog 6.0.0 Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid(). network low complexity emlog CWE-89 critical	9.8
2022-01-31	CVE-2022-23872	Cross-site Scripting vulnerability in Emlog 1.1.1 Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via the parameter footer_info. network low complexity emlog CWE-79	4.8
2022-01-06	CVE-2021-44584	Cross-site Scripting vulnerability in Emlog Cross-site scripting (XSS) vulnerability in index.php in emlog version <= pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter. network low complexity emlog CWE-79	6.1
2021-12-14	CVE-2021-40883	Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 5.3.1 A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins. network low complexity emlog CWE-434 critical	9.8
2021-10-06	CVE-2020-21654	Unspecified vulnerability in Emlog 6.0.0 emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file. network low complexity emlog	7.2
2021-10-01	CVE-2020-21013	SQL Injection vulnerability in Emlog 6.0.0 emlog v6.0.0 contains a SQL injection via /admin/comment.php. network low complexity emlog CWE-89	7.2

Vulnerabilities > Emlog {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Emlog"}]}

Vulnerabilities > Emlog