CVE-2026-42287 Emlog: SQL Injection Vulnerability in log_model.php within addLog() and updateLog() Functions

Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction. This issue has been...

EUVD-2014-8767

Malware in sbrugna...

Checkmk 日志信息泄露漏洞

Checkmk is an editor. A security vulnerability exists in Tribe29 Checkmk version 2.1.0p13 and earlier, version 2.0.0p29 and earlier, and version 1.6.0. An attacker can exploit the vulnerability to update the program log file...

SUSE CVE-2017-7796

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file...

MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF

The plugin does not have CSRF checks in various places, which could allow attackers to make a logged in admin change the settings, purge log files and more via CSRF attacks PoC...

WordPress 插件 SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. An SQL injection vulnerability exists in CleanTalk WordPress Plugin versions prior to 5.153.4, which originates from an update log function in lib/Cleantalk/ApbctWP/Firewall/SFW.php that contains a vulnerable query. An attacker...

PT-2021-3413

Name of the Vulnerable Software and Affected Versions Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin versions prior to 5.153.4 Description The issue is related to the update log function in the lib/Cleantalk/ApbctWP/Firewall/SFW.php module, which does not properly protect the S...

VulnCheck KEV: CVE-2021-24295

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be...

Lexiglot Information Disclosure Vulnerability

Lexiglot is a translation platform written in PHP by the French software developer Damien Sorel. An information disclosure vulnerability exists in Lexiglot versions 2014-11-20 and earlier, which can be exploited by a remote attacker to obtain sensitive information name and details of a project by...

CVE-2017-7796

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file...

PHP 5.6.29 releases, security vulnerability fixes-bug warning-the black bar safety net

The PHP development team announced PHP 5.6.29 available. This is a safe version that fixes several security vulnerabilities. Suggested that all PHP 5.6 users upgrade to this version. Update content: Mysqlnd: Fixed bug 64526 the missing mysqlnd. Add parameters to the php. ini-. Opcache: Fixed bug...