emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows malicious users to arbitrarily add articles.
emlog emlog 6.0.0