Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could b
Emlog is an open source website building system. Emlog Pro prior to version 2.5.10 contains a file upload vulnerability. The store.php component contains a critical security flaw where it fails to pro
Emlog is an open source website building system. In versions 2.5.21 and below, an HTML template injection allows stored cross‑site scripting (XSS) via the mail template settings. Once a malicious payl
Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting (XSS) vulnerability in emlog comment module via URI scheme validation bypass. This issue
emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles.
CVE-2026-42287
CRITICAL CVSS 10.0
Find Similar
Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via t
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows authenticated remote attackers to inject arbitrary web script
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via t
Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion (LFI) vulnerability exists in admin/plugin.php at line 80. The $plugin parameter from the GET reque
Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of p
Emlog is an open source website building system. A stored Cross-Site Scripting (XSS) vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges t
Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the `Resource media library ` function while publishing an article. As of time of pub
Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server com
Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including version 2.5.22 allows authenticated remote attackers to inject arbitrary web sc
Emlog is an open source website building system. In version 2.5.23, the admin can set controls which makes users unable to edit or delete their articles after publishing them. As of time of publicatio
Emlog is an open source website building system. Emlog Pro versions pro-2.5.7 and pro-2.5.8 contain an SQL injection vulnerability. `search_controller.php` does not use addslashes after urldecode, all
Emlog is an open source website building system. Prior to version 2.6.11, missing CSRF protection in critical admin functions allows attackers to trick authenticated administrators into performing una
CVE-2026-22799
CRITICAL CVSS 9.3
Find Similar
Emlog is an open source website building system. emlog v2.6.1 and earlier exposes a REST API endpoint (/index.php?rest-api=upload) for media file uploads. The endpoint fails to implement proper valida
Page 1+ Next →