Lucene search
China National Vulnerability DatabaseCNVD-2023-99180HistoryDec 15, 2023 - 12:00 a.m.
Unspecified Vulnerability in Emlog (CNVD-2023-9918065)
2023-12-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
emlog
php
mysql
cms
security vulnerability
uid parameter
unauthorized access
database
sql injection
data theft
privacy breach
web page manipulation
database tampering
link embedding
cnvd
emlog is a PHP and MySQL based CMS builder for emlog personal developers. Emlog pro2.1.14 version of a security vulnerability, the vulnerability stems from the uid parameter in /admin/media.php contains SQL injection vulnerability. Attackers can use this vulnerability to gain unauthorized access to database data, steal users’ privacy and personal information, manipulate the database to tamper with certain web pages, modify the value of some database fields, embed links to the Internet horse, and carry out attacks on the horse.
| CPE | Name | Operator | Version |
|---|---|---|---|
| emlog emlog pro | eq | 2.1.14 |
Related
prion
prion
Sql injection
2023-12-12 09:15:00
cve
cve
CVE-2023-41623
2023-12-12 09:15:07
osv
osv
CVE-2023-41623
2023-12-12 09:15:07
cvelist
cvelist
CVE-2023-41623
2023-12-12 00:00:00
nvd
nvd
CVE-2023-41623
2023-12-12 09:15:07