417 matches found
Emlog Pro 跨站脚本漏洞
Emlog Pro is an Emlog open source blogging system. A cross-site scripting vulnerability exists in Emlog Pro 2.5.21 and earlier versions, which stems from a Twitter feature that does not properly validate input and could lead to a stored cross-site scripting attack...
CVE-2025-60448
A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists due to insufficient validation of SVG file uploads in the /admin/media.php component, allowing attackers to upload malicious SVG files containing JavaScript code that executes when th...
CVE-2025-9296
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-9173
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-9296
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-9296 Emlog Pro blogger.php unrestricted upload
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-9296 Emlog Pro blogger.php unrestricted upload
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-9296 Emlog Pro blogger.php unrestricted upload
A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=updateavatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-9296
CVE-2025-9296 affects Emlog Pro up to 2.5.18. The vulnerability resides in the /admin/blogger.php?action=update_avatar function where manipulating the image parameter enables unrestricted file uploads. This can be exploited remotely, and public disclosures exist. Connected sources consistently de...
Emlog Pro 安全漏洞
Emlog Pro is a blogging system from Emlog open source. A security vulnerability exists in Emlog Pro 2.5.18 and earlier versions, which stems from an incorrect manipulation of the parameter image leading to unlimited uploads...
PT-2025-34203 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions through 2.5.18 Description: A security vulnerability has been detected in Emlog Pro. The issue affects an unknown function within the /admin/blogger.php?action=update avatar file. Manipulation of the image argument allows f...
CVE-2025-9173
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The file upload in include/service/media.php verifies the file extension based on a list defined in...
CVE-2025-9173
A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made...
CVE-2025-9173
...
CVE-2025-9173
...
CVE-2025-9173
CVE-2025-9173 is tied to Emlog Pro up to 2.5.18. The issue stems from improper handling of file uploads in /admin/media.php?action=upload&sid=0, where manipulation of the File argument can enable an unrestricted upload. Remote exploitation is possible per sources, with a publicly available exploi...
PT-2025-34036 · Emlog Pro · Emlog Pro
Name of the Vulnerable Software and Affected Versions: Emlog Pro versions through 2.5.18 Description: A weakness has been identified that allows for unrestricted file upload. This issue affects the processing of the file /admin/media.php?action=upload&sid=0. Manipulation of the File argument can...
编号撤回
Emlog Pro is an Emlog open source blogging system. A security vulnerability exists in Emlog Pro 2.5.18 and earlier versions, which stems from improper handling of file uploads and could lead to unlimited uploads...
CVE-2025-44139
Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=uploadzip...
CVE-2025-44139
Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=uploadzip...