242 matches found
Code injection
elog 3.1.1 allows remote attackers to post data as any username in the logbook...
CVE-2016-6342
elog 3.1.1 allows remote attackers to post data as any username in the logbook...
CVE-2016-6342
Summary: CVE-2016-6342 affects the Erlang logging library elog version 3.1.1, enabling remote attackers to publish data in the logbook under any username. This is documented across multiple sources, including NVD/NIST, CNVD, OSV, and vendor advisories. Impact: Allows a remote attacker to post dat...
PT-2017-8970 · Elog · Elog
Name of the Vulnerable Software and Affected Versions: elog version 3.1.1 Description: The issue allows remote attackers to post data as any username in the logbook. Recommendations: For elog version 3.1.1, at the moment, there is no information about a newer version that contains a fix for this...
Fedora Update for elog FEDORA-2016-348a7b6285
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : elog (2016-348a7b6285)
Security fix for CVE-2016-6342 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 23 : elog (2016-820a4795a9)
Security fix for CVE-2016-6342 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 24 : elog (2016-508767e6b7)
Security fix for CVE-2016-6342 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for elog FEDORA-2016-508767e6b7
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for elog FEDORA-2016-820a4795a9
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: elog-3.1.1-7.fc23
ELOG is part of a family of applications known as weblogs. Their general purpose is: 1. To make it easy for people to put information online in a chronological fashion, in the form of short, time-stamped text messages "entries" with optional HTML markup for presentation, and optional file...
[SECURITY] Fedora 25 Update: elog-3.1.1-7.fc25
ELOG is part of a family of applications known as weblogs. Their general purpose is: 1. To make it easy for people to put information online in a chronological fashion, in the form of short, time-stamped text messages "entries" with optional HTML markup for presentation, and optional file...
elog-ch.net XSS vulnerability
Vulnerable URL: http://elog-ch.net/?m=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13639 Google Pagerank| 4 VIP website status:| Yes...
elog-ch.net XSS vulnerability
Vulnerable URL: http://elog-ch.net/?y=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 13639 Google Pagerank| 4 VIP website status:| Yes...
ELOG <= 2.5.6 - Remote Shell Exploit
No description provided by source. / Worked on latest version for me http://midas.psi.ch/elog/download/tar/elog-latest.tar.gz elog-latest.tar.gz 26-Jan-2005 21:36 519K Default port 8080. str0ke / / Hi there, someone has brought to u a gift. ELOG Remote Shell Exploit = 2.5.6 Also for future Versio...
ELOG Logbook Cross Site Scripting Vulnerability
This host has ELOG installed and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodelogxssvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ ELOG Logbook Cross Site Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod, http://www.secpod.com...
ELOG < 2.7.2 XSS Vulnerability
ELOG is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elogproject:elog";...
CVE-2008-7206
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...
Cross site scripting
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...
CVE-2008-7206
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...