Emlog Security Vulnerabilities and Issues — Emlog CVE List

Lucene search

EmlogEmlog

4 matches found

CVE•added 2022/01/31 10:15 p.m.•44 views

CVE-2022-23872

Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via the parameter footer_info.

4.8CVSS4.9AI score0.00321EPSS

Web

CVE•added 2022/11/03 6:15 p.m.•39 views

CVE-2022-43372

Emlog Pro v1.7.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /admin/store.php.

4.8CVSS4.9AI score0.00081EPSS

CVE•added 2021/09/15 10:15 p.m.•30 views

CVE-2020-21321

emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles.

4.3CVSS4.7AI score0.00141EPSS

Web

CVE•added 2025/05/15 8:16 p.m.•24 views

CVE-2025-47786

Emlog is an open source website building system. Version 2.5.13 has a stored cross-site scripting vulnerability that allows any registered user to construct malicious JavaScript, inducing all website users to click. In /admin/comment.php, the parameter perpage_num is not validated and is directly s...

4.8CVSS5.7AI score0.00037EPSS

Web