Lucene search
K

417 matches found

CNNVD
CNNVD
added 2025/10/03 12:0 a.m.6 views

Emlog Pro 跨站脚本漏洞

Emlog Pro is an Emlog open source blogging system. A cross-site scripting vulnerability exists in Emlog Pro 2.5.21 and earlier versions, which stems from a Twitter feature that does not properly validate input and could lead to a stored cross-site scripting attack...

5.4CVSS5.8AI score0.00189EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 12:0 a.m.4 views

CVE-2025-60448

A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists due to insufficient validation of SVG file uploads in the /admin/media.php component, allowing attackers to upload malicious SVG files containing JavaScript code that executes when th...

6.1CVSS6.1AI score0.00213EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/23 12:30 p.m.8 views

CVE-2025-9296

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS4.7AI score0.00373EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/08/22 11:31 a.m.6 views

CVE-2025-9173

A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available ...

9.8CVSS6.3AI score0.00066EPSS
Exploits0References1
NVD
NVD
added 2025/08/21 12:15 p.m.6 views

CVE-2025-9296

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS0.00373EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/21 11:32 a.m.11 views

CVE-2025-9296 Emlog Pro blogger.php unrestricted upload

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

5.8CVSS0.00373EPSS
Exploits1References4
OSV
OSV
added 2025/08/21 11:32 a.m.4 views

CVE-2025-9296 Emlog Pro blogger.php unrestricted upload

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

5.1CVSS5.5AI score0.00373EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/08/21 11:32 a.m.3 views

CVE-2025-9296 Emlog Pro blogger.php unrestricted upload

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...

5.8CVSS7AI score0.00373EPSS
Exploits1References4
CVE
CVE
added 2025/08/21 11:32 a.m.17 views

CVE-2025-9296

CVE-2025-9296 affects Emlog Pro up to 2.5.18. The vulnerability resides in the /admin/blogger.php?action=update_avatar function where manipulating the image parameter enables unrestricted file uploads. This can be exploited remotely, and public disclosures exist. Connected sources consistently de...

9.8CVSS7AI score0.00373EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.9 views

Emlog Pro 安全漏洞

Emlog Pro is a blogging system from Emlog open source. A security vulnerability exists in Emlog Pro 2.5.18 and earlier versions, which stems from an incorrect manipulation of the parameter image leading to unlimited uploads...

9.8CVSS4.8AI score0.00373EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.7 views

PT-2025-34203 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions through 2.5.18 Description: A security vulnerability has been detected in Emlog Pro. The issue affects an unknown function within the /admin/blogger.php?action=update avatar file. Manipulation of the image argument allows f...

5.8CVSS4.5AI score0.00373EPSS
Exploits1References9
NVD
NVD
added 2025/08/20 11:15 a.m.25 views

CVE-2025-9173

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The file upload in include/service/media.php verifies the file extension based on a list defined in...

0.00066EPSS
Exploits0
OSV
OSV
added 2025/08/20 11:15 a.m.2 views

CVE-2025-9173

A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made...

9.8CVSS6.8AI score
Exploits0References7
Cvelist
Cvelist
added 2025/08/20 11:2 a.m.20 views

CVE-2025-9173

...

0.00066EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/20 11:2 a.m.4 views

CVE-2025-9173

...

6.5AI score0.00066EPSS
Exploits0
CVE
CVE
added 2025/08/20 11:2 a.m.16 views

CVE-2025-9173

CVE-2025-9173 is tied to Emlog Pro up to 2.5.18. The issue stems from improper handling of file uploads in /admin/media.php?action=upload&sid=0, where manipulation of the File argument can enable an unrestricted upload. Remote exploitation is possible per sources, with a publicly available exploi...

6.9AI score0.00066EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/20 12:0 a.m.6 views

PT-2025-34036 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions through 2.5.18 Description: A weakness has been identified that allows for unrestricted file upload. This issue affects the processing of the file /admin/media.php?action=upload&sid=0. Manipulation of the File argument can...

6.5CVSS6.2AI score0.00066EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/08/20 12:0 a.m.4 views

编号撤回

Emlog Pro is an Emlog open source blogging system. A security vulnerability exists in Emlog Pro 2.5.18 and earlier versions, which stems from improper handling of file uploads and could lead to unlimited uploads...

6.6AI score0.00066EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/03 2:14 p.m.13 views

CVE-2025-44139

Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=uploadzip...

7.2CVSS6.4AI score0.00671EPSS
Exploits1References1
NVD
NVD
added 2025/08/01 4:15 p.m.5 views

CVE-2025-44139

Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=uploadzip...

7.2CVSS0.00671EPSS
Exploits1References1
Rows per page
Query Builder