Emlog

Emlog

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-12843

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.12.2024 21:15:07
  • Zuletzt bearbeitet 07.01.2025 18:56:52

A vulnerability was found in Emlog Pro up to 2.4.1. It has been rated as problematic. This issue affects some unknown processing of the file /admin/plugin.php. The manipulation of the argument filter leads to cross site scripting. The attack may be i...

6.1

CVE-2024-12842

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.12.2024 20:15:21
  • Zuletzt bearbeitet 05.06.2025 19:43:22

A vulnerability was found in Emlog Pro up to 2.4.1. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/user.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be in...

6.1

CVE-2024-12841

Exploit
  • EPSS 0.19%
  • Veröffentlicht 20.12.2024 19:15:06
  • Zuletzt bearbeitet 07.01.2025 18:58:10

A vulnerability was found in Emlog Pro up to 2.4.1. It has been classified as problematic. This affects an unknown part of the file /admin/tag.php. The manipulation of the argument keyword leads to cross site scripting. It is possible to initiate the...

5.4

CVE-2024-50655

Exploit
  • EPSS 0.32%
  • Veröffentlicht 15.11.2024 17:15:20
  • Zuletzt bearbeitet 21.11.2024 09:44:54

emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles.

6.3

CVE-2024-46540

Exploit
  • EPSS 0.59%
  • Veröffentlicht 30.09.2024 17:15:04
  • Zuletzt bearbeitet 17.06.2025 15:57:20

A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before v2.3.15 allows attackers to use remote file downloads and self-extract fucntions to upload webshells to the target server, thereby obtaining system priv...

6.5

CVE-2024-31612

Exploit
  • EPSS 0.16%
  • Veröffentlicht 10.06.2024 18:15:31
  • Zuletzt bearbeitet 21.11.2024 09:13:45

Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access administrator information.

8.1

CVE-2024-5044

Exploit
  • EPSS 0.25%
  • Veröffentlicht 17.05.2024 12:15:17
  • Zuletzt bearbeitet 05.03.2025 18:25:53

A vulnerability was found in Emlog Pro 2.3.4. It has been classified as problematic. This affects an unknown part of the component Cookie Handler. The manipulation of the argument AuthCookie leads to improper authentication. It is possible to initiat...

8.8

CVE-2024-5043

Exploit
  • EPSS 0.12%
  • Veröffentlicht 17.05.2024 12:15:16
  • Zuletzt bearbeitet 05.03.2025 18:25:53

A vulnerability was found in Emlog Pro 2.3.4 and classified as critical. Affected by this issue is some unknown functionality of the file admin/setting.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The explo...

6.3

CVE-2024-33752

Exploit
  • EPSS 85.79%
  • Veröffentlicht 06.05.2024 14:15:08
  • Zuletzt bearbeitet 11.06.2025 12:06:35

An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary code.

5.4

CVE-2024-3763

Exploit
  • EPSS 0.06%
  • Veröffentlicht 14.04.2024 23:15:46
  • Zuletzt bearbeitet 05.03.2025 18:25:53

A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may b...