PT-2026-39198 · Emlog · Emlog
Lan041221
·
Published
2026-05-08
·
Updated
2026-05-09
·
CVE-2026-41517
CVSS v4.0
0.0
None
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Emlog versions prior to 2.6.11
Description
Insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, which can lead to complete server compromise and the installation of a persistent backdoor.
Recommendations
Update to version 2.6.11.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emlog