242 matches found
CVE-2019-20375
A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization loc command to elogd.c...
ELOG <= 3.1.5 Multiple Vulnerabilities
ELOG is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elogproject:elog"; ifdescription...
CVE-2025-64348
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow...
CVE-2025-64349
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration...
CVE-2025-62618
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...
CVE-2025-64349 ELOG user profile missing authorization
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration...
CVE-2025-64349
CVE-2025-64349 affects ELOG (the Electronic Logbook) with an authentication-level flaw: an authenticated, low-privilege user can modify another user’s profile, potentially changing the target’s email address and triggering a password reset to take over the account. Public records note ELOG defaul...
CVE-2025-62618 ELOG file upload stored XSS
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...
CVE-2025-62618 ELOG file upload stored XSS
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or...
ELog 安全漏洞
ELog is an electronic logging software with a web interface by the individual developer Stefan Ritt. A security vulnerability exists in ELog that originates from an authenticated user being able to modify other users' profiles, potentially leading to an account takeover...
PT-2025-44666
Name of the Vulnerable Software and Affected Versions ELOG affected versions not specified Description The ELOG platform, an electronic logbook system, has an issue where an authenticated attacker with low privileges can modify another user's profile. Specifically, an attacker can alter a target...
PT-2025-44665
Name of the Vulnerable Software and Affected Versions ELOG affected versions not specified Description ELOG allows an authenticated user to modify or overwrite the configuration file, potentially leading to a denial of service. If the execute facility is enabled using the '-x' command line flag,...
PT-2025-44664
Name of the Vulnerable Software and Affected Versions ELOG versions prior to 3.1.5-20251014 Description ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. The application includes usernames and...
EUVD-2006-0606
Malware in sbrugna...
EUVD-2006-5048
Malware in sbrugna...
EUVD-2006-0354
Malware in sbrugna...
EUVD-2006-0604
Malware in sbrugna...
EUVD-2006-0607
Malware in sbrugna...
EUVD-2006-0355
Malware in sbrugna...
EUVD-2019-13599
Malware in sbrugna...