PT-2025-24539 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: Emlog versions up to 2.5.7 Description: A vulnerability was found in Emlog, affecting some unknown processing of the file /admin/article.php. The manipulation of the active post argument leads to cross-site scripting. The attack may be...

PT-2025-21361 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: Emlog versions 2.5.13 and earlier Description: Emlog is an open source website building system. The system has a deserialization issue. A user can create a carefully crafted nickname, causing str replace to replace the value of name orig with...

PT-2025-21366 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: Emlog version 2.5.13 Description: Emlog is an open source website building system with a stored cross-site scripting issue. This allows any registered user to construct malicious JavaScript, inducing all website users to click. The...

PT-2024-23726 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: emlog version Pro 2.3 Description: The issue allows remote attackers to execute arbitrary code via a crafted payload to the bottom of the homepage in the footer info parameter. This is a Cross Site Scripting XSS issue. Recommendations: For...

CVE-2019-17073

emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal...