Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Emlog'
2023-12-12
CVE-2023-41623
CWE-89
Emlog version pro2.1.14 was discovered to contain a SQL injection vulnerability via the uid parameter at /admin/media.php.
2022-02-04
CVE-2022-23379
CWE-89
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().
2022-01-06
CVE-2021-44584
CWE-79
Cross-site scripting (XSS) vulnerability in index.php in emlog version <= pro-1.0.7 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
2021-12-14
CVE-2021-40883
CWE-434
A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins.
2021-10-01
CVE-2020-21013
CWE-89
emlog v6.0.0 contains a SQL injection via /admin/comment.php.
CVE-2020-21014
CWE-732
emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.
2021-05-24
CVE-2021-30081
CWE-89
An issue was discovered in emlog 6.0.0stable. There is a SQL Injection vulnerability that can execute any SQL statement and query server sensitive data via admin/navbar.php?action=add_page.
2021-05-17
CVE-2020-18194
CWE-79
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to execute arbitrary code by adding a crafted script as a link to a new blog post.
2021-05-06
CVE-2021-31737
CWE-434
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
2021-04-29
CVE-2021-30227
CWE-79
Cross Site Scripting (XSS) vulnerability in the article comments feature in emlog 6.0.
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Emlog' 