PT-2025-29144 · Cryptolog · Cryptolog

Mehmet Ince · Published 2025-07-10 · Updated 2025-07-11 · CVE-2025-34102

CVSS v4.0: 9.3 Critical
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: CryptoLog (PHP version, affected versions not specified)
Description: A remote code execution issue exists in CryptoLog (PHP version) due to a combination of SQL injection and OS command injection vulnerabilities. An unauthenticated attacker can obtain shell access as the web server user. The attack chain has two stages. First, a SQL injection flaw in login.php, reachable through the user POST parameter, is used to bypass authentication by submitting crafted SQL in that parameter. Second, with the resulting session, the attacker sends a request to the /logshares_ajax.php API endpoint, where the lsid POST parameter is interpolated into a shell command without sanitisation, so a value containing $(...) command substitution is executed by the web server. This exploitation path is not present in the ASP.NET version of CryptoLog, which has been the released version since 2009.
Recommendations: At the moment, there is no information about a newer release of the PHP version that contains a fix for this vulnerability. Since the vulnerable code path is absent from the ASP.NET version of CryptoLog, migrating remaining PHP deployments to it removes the exposure. Until that is done, restrict network access to the web interface and monitor POST requests to login.php and /logshares_ajax.php for SQL metacharacters in the user parameter and shell metacharacters (in particular $( and backticks) in the lsid parameter.
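The two-stage chain described above (SQL injection in the user parameter of login.php, then $(...) command substitution in the lsid parameter of /logshares_ajax.php) is easy to spot in proxy or WAF logs that retain POST bodies. The following detection script is an added example written for this page; it is not code from the advisory, from CryptoLog, or from the exploit author. It assumes a JSON-lines log with the fields ts, src, method, path and body (these field names are an assumption), and the sample log lines embedded in it are constructed for illustration. It flags each stage on its own and raises a separate "chain" finding when one source performs both within a time window, which is the full unauthenticated-to-RCE path the advisory describes.

```python
"""Detection of the CryptoLog (PHP) SQLi -> command injection chain.

Added example for this advisory page, not code from the advisory or from
CryptoLog. Assumes a reverse proxy or WAF that records POST bodies as JSON
lines with the fields ts, src, method, path and body (assumed names).
"""
import json
import re
from datetime import datetime, timedelta
from typing import Optional
from urllib.parse import parse_qs

# Stage 1: SQL metacharacters or boolean/UNION fragments in the `user`
# parameter sent to login.php (auth bypass via SQL injection).
SQLI_RE = re.compile(r"(?i)('|\"|--|/\*|\bor\b\s+[\w'\"]+\s*=|\bunion\b)")

# Stage 2: shell command substitution or chaining characters in the `lsid`
# parameter sent to logshares_ajax.php (OS command injection).
CMDI_RE = re.compile(r"\$\(|`|;\s*\w|\|\s*\w|&&")

# Constructed sample traffic (not real logs): a benign login, an SQLi login
# bypass followed by command injection from the same source, a benign
# logshares request, and a lone command injection from a third source.
SAMPLE_LOG = """\
{"ts": "2025-07-10T10:00:01", "src": "203.0.113.7", "method": "POST", "path": "/login.php", "body": "user=alice&password=s3cret"}
{"ts": "2025-07-10T10:02:10", "src": "198.51.100.23", "method": "POST", "path": "/login.php", "body": "user=admin%27+OR+1%3D1--+&password=x"}
{"ts": "2025-07-10T10:02:12", "src": "198.51.100.23", "method": "POST", "path": "/logshares_ajax.php", "body": "lsid=1%24%28id%29&action=status"}
{"ts": "2025-07-10T10:05:00", "src": "203.0.113.7", "method": "POST", "path": "/logshares_ajax.php", "body": "lsid=17&action=status"}
{"ts": "2025-07-10T10:07:00", "src": "192.0.2.9", "method": "POST", "path": "/logshares_ajax.php", "body": "lsid=%60id%60"}
"""


def parse_body(body: str) -> dict:
    """Decode a form-encoded body; keep the first value of each parameter."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def classify(event: dict) -> Optional[str]:
    """Label one log event as 'sqli_login', 'cmdi_lsid', or None."""
    if event.get("method") != "POST":
        return None
    params = parse_body(event.get("body", ""))
    path = event.get("path", "")
    if path.endswith("/login.php") and SQLI_RE.search(params.get("user", "")):
        return "sqli_login"
    if path.endswith("/logshares_ajax.php") and CMDI_RE.search(params.get("lsid", "")):
        return "cmdi_lsid"
    return None


def detect(log_text: str, window: timedelta = timedelta(minutes=10)) -> list:
    """Scan JSON-lines log text and return findings in log order.

    Each finding is {"src", "stage", "ts"}. When a source triggers
    'sqli_login' and then 'cmdi_lsid' within `window`, an additional
    'chain' finding is emitted for that source: the login bypass followed
    by command injection is the full exploitation path.
    """
    findings = []
    last_sqli = {}  # src -> timestamp of the most recent SQLi login attempt
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        stage = classify(ev)
        if stage is None:
            continue
        ts = datetime.fromisoformat(ev["ts"])
        src = ev["src"]
        findings.append({"src": src, "stage": stage, "ts": ev["ts"]})
        if stage == "sqli_login":
            last_sqli[src] = ts
        elif src in last_sqli and ts - last_sqli[src] <= window:
            findings.append({"src": src, "stage": "chain", "ts": ev["ts"]})
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']:<15} {f['stage']}")
```

Run on the embedded sample, the script reports the SQLi login from 198.51.100.23, its command injection two seconds later, a "chain" finding tying the two together, and a stand-alone command injection from 192.0.2.9; the benign login and the plain lsid=17 request produce nothing. A lone cmdi_lsid finding is still worth an alert, since the lsid injection only requires a valid session, however it was obtained.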

Tags: Exploit · RCE · Missing Authentication · OS Command Injection · SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-34102

Affected Products: Cryptolog