Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
emlog emlog 6.0.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-16868
emlog up to and including 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.
Emlog Emlog
Emlog Emlog 6.0.0
6.5
CVSSv3
CVE-2019-17073
emlog up to and including 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.
Emlog Emlog 6.0.0
Emlog Emlog
8.8
CVSSv3
CVE-2021-30081
An issue exists in emlog 6.0.0stable. There is a SQL Injection vulnerability that can execute any SQL statement and query server sensitive data via admin/navbar.php?action=add_page.
Emlog Emlog 6.0.0
7.5
CVSSv3
CVE-2020-19028
*File Upload vulnerability found in Emlog EmlogCMS v.6.0.0 allows a remote malicious user to gain access to sensitive information via the /admin/plugin.php function.
Emlog Emlog 6.0.0
6.5
CVSSv3
CVE-2020-21014
emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.
Emlog Emlog 6.0.0
6.1
CVSSv3
CVE-2020-18194
Cross Site Scripting (XSS) in emlog v6.0.0 allows remote malicious users to execute arbitrary code by adding a crafted script as a link to a new blog post.
Emlog Emlog 6.0.0
9.8
CVSSv3
CVE-2022-23379
Emlog v6.0 exists to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().
Emlog Emlog 6.0.0
8.8
CVSSv3
CVE-2018-18316
emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
Emlog Emlog 6.0.0
7.2
CVSSv3
CVE-2020-21013
emlog v6.0.0 contains a SQL injection via /admin/comment.php.
Emlog Emlog 6.0.0
4.3
CVSSv3
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows malicious users to arbitrarily add articles.
Emlog Emlog 6.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »