Vulnerabilities > Zrlog > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-11 | CVE-2020-27514 | Path Traversal vulnerability in Zrlog 2.1.5 Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote attackers to delete arbitrary files and cause a denial of service (DoS). | 9.1 |
| 2021-11-28 | CVE-2021-44093 | Unrestricted Upload of File with Dangerous Type vulnerability in Zrlog 2.2.2 A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar function, could bypass the original limit, upload the JSP file to get a WebShell | 9.8 |