Lucene search
+L

4 matches found

Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.7 views

PT-2025-40526

Name of the Vulnerable Software and Affected Versions Emlog Pro version 2.5.19 Description A stored Cross-Site Scripting XSS issue exists due to inadequate validation of SVG file uploads within the /admin/media.php component. This allows attackers to upload malicious SVG files containing JavaScri...

6.1CVSS5.8AI score0.00213EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.3 views

CVE-2025-60448

A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists due to insufficient validation of SVG file uploads in the /admin/media.php component, allowing attackers to upload malicious SVG files containing JavaScript code that executes when th...

5.7AI score0.00213EPSS
Exploits1References1
OSV
OSV
added 2025/10/03 12:0 a.m.10 views

CVE-2025-60447

A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists in the email template configuration component located at /admin/setting.php?action=mail, which allows administrators to input HTML code that is not properly sanitized, leading to...

5.9CVSS6.1AI score0.0024EPSS
Exploits1References3
OSV
OSV
added 2025/10/03 12:0 a.m.4 views

CVE-2025-60448

A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists due to insufficient validation of SVG file uploads in the /admin/media.php component, allowing attackers to upload malicious SVG files containing JavaScript code that executes when th...

6.1CVSS6.1AI score0.00213EPSS
Exploits1References3
Rows per page
Query Builder