Vulnerabilities > Emlog > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-03 CVE-2023-44973 Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 2.2.0
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
emlog CWE-434
critical
 9.8
9.8
2023-10-03 CVE-2023-44974 Unrestricted Upload of File with Dangerous Type vulnerability in Emlog 2.2.0
An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
network
low complexity
emlog CWE-434
critical
 9.8
9.8
2023-09-27 CVE-2023-43291 Deserialization of Untrusted Data vulnerability in Emlog
Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to execute arbitrary code via the cache.php component.
network
low complexity
emlog CWE-502
critical
 9.8
9.8