Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zrlog vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2019-16643
An issue exists in ZrLog 2.1.1. There is a Stored XSS vulnerability in the article_edit area.
Zrlog Zrlog 2.0.1
NA
CVE-2020-27514
Directory Traversal vulnerability in delete function in admin.api.TemplateController in ZrLog version 2.1.15, allows remote malicious users to delete arbitrary files and cause a denial of service (DoS).
Zrlog Zrlog 2.1.5
383
VMScore
CVE-2018-17079
An issue exists in ZRLOG 2.0.1. There is a Stored XSS vulnerability in the nickname field of the comment area.
Zrlog Zrlog 2.0.1
668
VMScore
CVE-2021-44093
A Remote Command Execution vulnerability on the background in zrlog 2.2.2, at the upload avatar function, could bypass the original limit, upload the JSP file to get a WebShell
Zrlog Zrlog 2.2.2
605
VMScore
CVE-2021-44094
ZrLog 2.2.2 has a remote command execution vulnerability at plugin download function, it could execute any JAR file
Zrlog Zrlog 2.2.2
312
VMScore
CVE-2020-19005
zrlog v2.1.0 has a vulnerability with the permission check. If admin account is logged in, other unauthorized users can download the database backup file directly.
Zrlog Zrlog 2.1.0
383
VMScore
CVE-2020-18066
Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) userName and (2) email parameters in post/addComment.
Zrlog Zrlog 2.1.0
578
VMScore
CVE-2018-17420
An issue exists in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.
Zrlog Zrlog 2.0.3
383
VMScore
CVE-2018-17421
An issue exists in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname.
Zrlog Zrlog 2.0.3
NA
CVE-2020-21052
Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote malicious user to execute arbitrary code via the nickame parameter of the /post/addComment function.
Zrlog Zrlog 2.1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »