ELOG Information Disclosure Vulnerability (CNVD-2020-04142)

ELOG is a web application written in C for creating personal and general purpose logs. An information disclosure vulnerability exists in ELOG 3.1.4-57bea22 and prior versions. The vulnerability stems from errors such as configuration during operation of a networked system or product. An...

ELOG Unintended Proxy Vulnerability

ELOG is a web application written in C for creating personal and general purpose logs. An unintended proxy vulnerability exists in ELOG 3.1.4-57bea22 and earlier versions, which can be exploited by an unauthenticated, remote attacker by sending a specially crafted HTTP POST request that uses ELOG...

CVE-2019-3993

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request...

CVE-2019-3993

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request...

PT-2019-16837 · Elog · Elog

Name of the Vulnerable Software and Affected Versions: ELOG versions 3.1.4-57bea22 and below Description: The issue allows unauthenticated remote attackers to use the software as an HTTP GET request proxy by sending crafted HTTP POST requests. Recommendations: For versions 3.1.4-57bea22 and below...

PT-2019-16836 · Elog · Elog

Name of the Vulnerable Software and Affected Versions: ELOG versions 3.1.4-57bea22 and below Description: The issue is related to a denial of service vulnerability caused by a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET reque...