Vulnerabilities > Emlog > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-01-05 CVE-2024-13140 Cross-site Scripting vulnerability in Emlog 2.4.0/2.4.1
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3.
network
low complexity
emlog CWE-79
5.4
2024-12-21 CVE-2024-12846 Cross-site Scripting vulnerability in Emlog
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
4.8
2024-12-20 CVE-2024-12845 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
2024-12-20 CVE-2024-12843 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
2024-12-20 CVE-2024-12844 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
2024-12-20 CVE-2024-12841 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
2024-11-15 CVE-2024-50655 Cross-site Scripting vulnerability in Emlog
emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles.
network
low complexity
emlog CWE-79
5.4
2024-06-10 CVE-2024-31612 Cross-Site Request Forgery (CSRF) vulnerability in Emlog 2.3.0
Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access administrator information.
network
low complexity
emlog CWE-352
6.5
2024-01-16 CVE-2023-41619 Cross-site Scripting vulnerability in Emlog 2.1.14
Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.
network
low complexity
emlog CWE-79
6.1
2023-12-14 CVE-2023-41618 Cross-site Scripting vulnerability in Emlog 2.1.14
Emlog Pro v2.1.14 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /admin/article.php?active_savedraft.
network
low complexity
emlog CWE-79
6.1