PT-2023-26791 · Emlog · Emlog
Safe-B
·
Publicado
2023-08-03
·
Atualizado
2025-11-11
·
CVE-2023-39121
CVSS v3.1
7.2
Alta
| Vetor | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
emlog version 2.1.9
Description
A SQL injection issue was discovered in emlog via the "/admin/user.php" API endpoint. This allows for potential exploitation.
Recommendations
For emlog version 2.1.9, consider restricting access to the "/admin/user.php" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Emlog