12 matches found
CVE-2022-23379
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid...
CVE-2022-23379
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid...
Sql injection
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid...
CVE-2022-23379
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid...
CVE-2022-23379
Affected software: Emlog v6.0. Vulnerability: SQL injection via the $TagID parameter of the function getblogidsfromtagid(). Root cause / details: The CVE entry identifies a SQL injection vulnerability in Emlog v6.0; no additional technical specifics (e.g., exact query, parameter handling) are pro...
CVE-2020-21654
emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file...
CVE-2020-21654
emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file...
Design/Logic Flaw
emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file...
CVE-2020-21654
emlog v6.0 contains a vulnerability in the component admin\template.php, which allows attackers to getshell via a crafted Zip file...
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery CSRF via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles...
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery CSRF via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles...
CVE-2020-21321
emlog v6.0 contains a Cross-Site Request Forgery CSRF via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles...