Emlog

Emlog

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.1

CVE-2025-25818

  • EPSS 0.04%
  • Veröffentlicht 26.02.2025 15:15:28
  • Zuletzt bearbeitet 07.04.2025 18:52:50

A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the postStrVar function at article_save.php.

7.1

CVE-2025-25825

  • EPSS 0.03%
  • Veröffentlicht 26.02.2025 15:15:28
  • Zuletzt bearbeitet 07.04.2025 18:52:38

A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Titile in the article category section.

6.8

CVE-2025-25827

  • EPSS 0.04%
  • Veröffentlicht 26.02.2025 15:15:28
  • Zuletzt bearbeitet 07.04.2025 18:52:32

A Server-Side Request Forgery (SSRF) in the component sort.php of Emlog Pro v2.5.4 allows attackers to scan local and internal ports via supplying a crafted URL.

9.8

CVE-2025-25783

  • EPSS 0.56%
  • Veröffentlicht 26.02.2025 15:15:26
  • Zuletzt bearbeitet 07.04.2025 19:11:53

An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file.

5.4

CVE-2024-13140

Exploit
  • EPSS 0.14%
  • Veröffentlicht 05.01.2025 12:15:05
  • Zuletzt bearbeitet 10.01.2025 21:34:19

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads ...

5.4

CVE-2024-13135

Exploit
  • EPSS 0.16%
  • Veröffentlicht 05.01.2025 09:15:05
  • Zuletzt bearbeitet 25.02.2025 22:53:27

A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/twitter.php of the component Subpage Handler. The manipulation leads to cross site scriptin...

5.4

CVE-2024-13132

Exploit
  • EPSS 0.16%
  • Veröffentlicht 05.01.2025 05:15:06
  • Zuletzt bearbeitet 25.02.2025 22:49:31

A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability affects unknown code of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be i...

4.8

CVE-2024-12846

Exploit
  • EPSS 0.1%
  • Veröffentlicht 21.12.2024 05:15:07
  • Zuletzt bearbeitet 10.01.2025 21:34:58

A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1. Affected by this issue is some unknown functionality of the file /admin/link.php. The manipulation of the argument siteurl/icon leads to cross site scripti...

6.1

CVE-2024-12845

Exploit
  • EPSS 0.14%
  • Veröffentlicht 20.12.2024 22:15:24
  • Zuletzt bearbeitet 07.01.2025 18:35:19

A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this vulnerability is an unknown functionality in the library /include/lib/common.php. The manipulation of the argument msg leads to cross site scripting. The a...

6.1

CVE-2024-12844

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.12.2024 21:15:07
  • Zuletzt bearbeitet 07.01.2025 18:45:15

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1. Affected is an unknown function of the file /admin/store.php. The manipulation of the argument tag leads to cross site scripting. It is possible to launch the attack r...