zrlog vulnerabilities and exploits

4.3
MEDIUM
CVE-2018-17421

An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname....

6.5
MEDIUM
CVE-2018-17420

An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter....