Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elog project elog vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-3992
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain access to valid admin usern...
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3993
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3994
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to use a freed variable.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-3995
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2016-6342
elog 3.1.1 allows remote malicious users to post data as any username in the logbook.
Fedoraproject Fedora 24
Elog Project Elog 3.1.1
6.5
CVSSv3
CVE-2019-3996
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
Elog Project Elog
Fedoraproject Fedora 30
Fedoraproject Fedora 31
NA
CVE-2006-6318
The show_elog_list function in elogd.c in elog 2.6.2 and previous versions allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. NOTE:...
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.6.0
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.5
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.6.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.5.7
Stefan Ritt Elog Web Logbook 2.0.5
Stefan Ritt Elog Web Logbook
NA
CVE-2006-5790
Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and previous versions allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) an entry with an attachment whose name contains format string specifiers (el_submit ...
Stefan Ritt Elog Web Logbook
NA
CVE-2006-5791
Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG 2.6.2 and previous versions allow remote malicious users to inject arbitrary HTML or web script via (1) the filename for downloading, which is not quoted in an error message by the send_file_direct function, a...
Stefan Ritt Elog Web Logbook
NA
CVE-2006-5063
Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote malicious users to inject arbitrary web script or HTML by editing log entries in HTML mode.
Stefan Ritt Elog Web Logbook 2.6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »