Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emlog emlog vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows malicious users to arbitrarily add articles.
Emlog Emlog 6.0.0
4.3
CVSSv2
CVE-2021-30227
Cross Site Scripting (XSS) vulnerability in the article comments feature in emlog 6.0.
Emlog Emlog 6.0.0
NA
CVE-2023-30338
Multiple stored cross-site scripting (XSS) vulnerabilities in Emlog Pro v2.0.3 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters.
Emlog Emlog 2.0.3
3.5
CVSSv2
CVE-2021-40610
Emlog Pro v 1.0.4 cross-site scripting (XSS) in Emlog Pro background management.
Emlog Pro Project Emlog Pro 1.0.4
NA
CVE-2024-25381
There is a Stored XSS Vulnerability in Emlog Pro 2.2.8 Article Publishing, due to non-filtering of quoted content.
NA
CVE-2024-31612
Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access administrator information.
NA
CVE-2024-31013
Cross Site Scripting (XSS) vulnerability in emlog version Pro 2.3, allow remote malicious users to execute arbitrary code via a crafted payload to the bottom of the homepage in footer_info parameter.
NA
CVE-2024-33752
An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote malicious user to submit a special request to upload a malicious file to execute arbitrary code.
NA
CVE-2024-5043
A vulnerability was found in Emlog Pro 2.3.4 and classified as critical. Affected by this issue is some unknown functionality of the file admin/setting.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the p...
NA
CVE-2024-3762
A vulnerability was found in Emlog Pro 2.2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/twitter.php of the component Whisper Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The expl...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »