Vulnerabilities > Stefan Ritt > Elog WEB Logbook > 2.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-11 | CVE-2008-7206 | Cross-Site Scripting vulnerability in Stefan Ritt Elog web Logbook Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting (XSS). | 4.3 |
2006-12-28 | CVE-2006-6318 | Denial Of Service vulnerability in ELOG Web Logbook ELogD Server The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. | 5.0 |
2006-09-28 | CVE-2006-5063 | HTML Injection vulnerability in Stefan Ritt Elog web Logbook 2.6.1 Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote attackers to inject arbitrary web script or HTML by editing log entries in HTML mode. | 5.1 |