Known Vulnerabilities for products from Emlog
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Emlog".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34788 | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-34787 | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-34607 | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-34229 | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-34228 | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2023-44974 | An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arb... | 9.8 - CRITICAL | 2023-10-03 | 2023-10-05 |
| CVE-2023-44973 | An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute a... | 9.8 - CRITICAL | 2023-10-03 | 2023-10-05 |
| CVE-2023-43291 | Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to execute arbitrary code via th... | 9.8 - CRITICAL | 2023-09-27 | 2023-09-29 |
| CVE-2023-43267 | A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute a... | 5.4 - MEDIUM | 2023-10-02 | 2023-10-04 |
| CVE-2023-39121 | emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php. | 7.2 - HIGH | 2023-08-03 | 2023-08-08 |
| CVE-2023-37049 | emlog 2.1.9 is vulnerable to Arbitrary file deletion via admin\template.php. | 6.5 - MEDIUM | 2023-07-26 | 2023-07-31 |
| CVE-2023-30338 | Multiple stored cross-site scripting (XSS) vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scri... | 5.4 - MEDIUM | 2023-04-27 | 2023-05-03 |
| CVE-2022-43372 | Emlog Pro v1.7.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability at /admin/store.php. | 4.8 - MEDIUM | 2022-11-03 | 2022-11-04 |
| CVE-2022-42189 | Emlog Pro 1.6.0 plugins upload suffers from a remote code execution (RCE) vulnerability. | 7.2 - HIGH | 2022-10-21 | 2022-10-22 |
| CVE-2022-23872 | Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configur... | 4.8 - MEDIUM | 2022-01-31 | 2022-09-30 |
| CVE-2022-23379 | Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid(). | 9.8 - CRITICAL | 2022-02-04 | 2022-02-09 |
| CVE-2022-3968 | A vulnerability has been found in emlog and classified as problematic. Affected by this vulnerability is an unknown functiona... | 6.1 - MEDIUM | 2022-11-13 | 2023-12-28 |
| CVE-2022-1526 | A vulnerability, which was classified as problematic, was found in Emlog Pro up to 1.2.2. This affects the POST parameter han... | 5.4 - MEDIUM | 2022-04-29 | 2023-11-07 |
| CVE-2021-44584 | Cross-site scripting (XSS) vulnerability in index.php in emlog version <= pro-1.0.7 allows remote attackers to inject arbitra... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2021-40883 | A Remote Code Execution (RCE) vulnerability exists in emlog 5.3.1 via content/plugins. | 9.8 - CRITICAL | 2021-12-14 | 2021-12-15 |
Known software with vulnerabilities from Emlog
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Emlog | Emlog | - |