CVE-2019-20376

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c...

CVE-2019-20376

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c...

CVE-2019-20375

A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization loc command to elogd.c...

CVE-2006-6318

Affected product: ELOG Web Logbook (versions up to 2.6.2). Vulnerability: show_elog_list in elogd.c dereferences NULL when a logbook name begins with “global”, causing a remote DoS (daemon crash) with authenticated access. Impact per sources: denial of service; no exploit details beyond that prov...

CVE-2006-6318

Removed by vendor...

Buffer overflow

Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file...

CVE-2006-0597

Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service application crash and possibly execute code via long "revision attributes"...

CVE-2006-0598

CVE-2006-0598 is a buffer overflow in elogd.c of the elog log system, exploitable via writing to the log file on affected versions before the patch. Public sources identify the vulnerability in elog up to version 2.5.7 r1558-4. Debian’s DSA-967-1 and related advisories confirm multiple vulnerabil...

CVE-2006-0598

Removed by vendor...