Vulnerabilities > Zrlog > Zrlog > 2.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-28 | CVE-2021-44093 | Unrestricted Upload of File with Dangerous Type vulnerability in Zrlog 2.2.2 A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar function, could bypass the original limit, upload the JSP file to get a WebShell | 7.5 |
| 2021-11-28 | CVE-2021-44094 | Unrestricted Upload of File with Dangerous Type vulnerability in Zrlog 2.2.2 ZrLog 2.2.2 has a remote command execution vulnerability at plugin download function, it could execute any JAR file | 6.8 |