114 matches found
CVE-2008-7206
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...
Cross site scripting
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...
CVE-2008-7206
ELOG (Electronic Logbook)
CVE-2008-7206
Unspecified vulnerability in Electronic Logbook ELOG before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML code," probably cross-site scripting XSS...
ELOG Version Detection
This script finds the running ELOG Version and saves the result in KB. OpenVAS Vulnerability Test $Id: secpodelogdetect.nasl 5877 2017-04-06 09:01:48Z teissa $ ELOG Version Detection Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.com This program is free software; you...
CVE-2008-7004
Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...
Buffer overflow
Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...
CVE-2008-7004
Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...
CVE-2008-7004
ELOG before 2.7.1 is affected by multiple vulnerabilities, including a remote buffer overflow (likely in elog.c) with CVSS-like indication of high impact. Affected product: Electronic Logbook (ELOG); vulnerable component/file: elog.c; version prior to 2.7.1. OpenVAS confirms multiple issues and l...
ELOG Web LogBook global Denial of Service
The remote web server is affected by a denial of service issue. Description : The remote web server is identified as ELOG Web Logbook, an open source blogging software. The version of ELOG Web Logbook installed on the remote host is vulnerable to a denial of service attack by requesting '/global'...
ELOG < 2.6.2-7 DoS Vulnerability
ELOG is prone to a denial of service DoS vulnerability by requesting SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2008-0445
The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...
CVE-2008-0445
The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...
Information disclosure
The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...
CVE-2008-0444
Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...
CVE-2008-0444
Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...
CVE-2008-0445
The CVE-2008-0445 issue affects Electronic Logbook (ELOG) prior to version 2.7.1. The vulnerability lies in the replace_inline_img function in elogd, which can be triggered by crafted logbook entries to cause a denial of service (infinite loop). Public sources (NVD/OpenVAS entries) confirm the af...
CVE-2008-0444
CVE-2008-0444 affects Electronic Logbook (ELOG) versions before 2.7.0. The vulnerability is a Cross-site Scripting (XSS) issue that could allow remote attackers to inject arbitrary web script or HTML through the subtext parameter to unspecified components. The available connected sources confirm ...
CVE-2006-6318
The showeloglist function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of service daemon crash by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. NOTE: some of these details are obtained from...
CVE-2006-6318
Removed by vendor...