Vulnerabilities (CVE)

Filtered by vendor Emlog Subscribe

Filtered by product Emlog

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-23379	1 Emlog	1 Emlog	2022-02-09	7.5 HIGH	9.8 CRITICAL
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().
CVE-2021-40883	1 Emlog	1 Emlog	2021-12-15	7.5 HIGH	9.8 CRITICAL
A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins.
CVE-2021-31737	1 Emlog	1 Emlog	2021-05-12	7.5 HIGH	9.8 CRITICAL
emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.
CVE-2020-21585	1 Emlog	1 Emlog	2021-04-08	7.5 HIGH	9.8 CRITICAL
Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.
CVE-2019-16868	1 Emlog	1 Emlog	2019-09-26	7.5 HIGH	9.8 CRITICAL
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.