CVE-2026-34787

Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion LFI vulnerability exists in admin/plugin.php at line 80. The $plugin parameter from the GET request is directly used in a requireonce path without proper sanitization. If the CSRF token check can ...

PT-2024-17762 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions up to 2.4.1 Description: A problem has been found in Emlog Pro that affects some unknown processing of the file /admin/plugin.php. The manipulation of the argument filter leads to cross site scripting. The attack may be...

CVE-2023-44974

An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

Piwigo Remote File Inclusion Vulnerability (CNVD-2017-00112)

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A security vulnerability exists in the admin/plugin.php file in Piwigo 2.8.3 and earlier versions, which stems from the...