emlog

Top products

The 15 most recently published vulnerabilities affecting emlog.

• CVE-2026-39276The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive contain...7.2May 29, 2026
• CVE-2026-34788Emlog: SQL Injection in tag_model::updateTagName() via unsanitized parameters6.5Apr 3, 2026
• CVE-2026-34787Emlog: Local File Inclusion in plugin.php via unsanitized plugin parameter6.5Apr 3, 2026
• CVE-2026-34607Emlog: Path Traversal in emUnZip() allows arbitrary file write leading to RCE7.2Apr 3, 2026
• CVE-2026-34229Emlog: Stored XSS in Comment Module via URI Scheme Validation Bypass6.1Apr 3, 2026
• CVE-2026-34228Emlog: CSRF in Backend Upgrade Interface Leading to Arbitrary Remote SQL Execution and Arbitrary File Write6.5Apr 3, 2026
• CVE-2026-22799emlog Arbitrary File Upload Vulnerability8.8Jan 12, 2026
• CVE-2026-21433Emlog vulnerable to Server-Side Request Forgery (SSRF)7.7Jan 2, 2026
• CVE-2026-21432Emlog has stored Cross-site Scripting issue that can lead to admin or another account ATO5.4Jan 2, 2026
• CVE-2026-21431Emlog vulnerable to stored Cross-site Scripting via image name5.4Jan 2, 2026
• CVE-2026-21430Emlog: CSRF chained with stored XSS leads to ATO9.3Jan 2, 2026
• CVE-2026-21429Emlog has Broken Access Control (BAC)4.3Jan 2, 2026
• CVE-2025-61318Emlog Pro 2.5.20 has an arbitrary file deletion vulnerability. This vulnerability stems from the admin/template.php component and the admin/plugin.php component. They fail to perform path verificat...9.1Dec 8, 2025
• CVE-2025-62717Emlog Pro session verification code error due to clearing logic error9.1Oct 24, 2025
• CVE-2025-61930Emlog Pro has CSRF issue that Enables Admin Password Reset8.1Oct 10, 2025