By vendor
Emlog vulnerabilities
Known CVEs affecting Emlog products, prioritized by severity, with SEC.co remediation and detection guidance.
1 published vulnerability
- CVE-2026-39276HIGH 7.2
Emlog Pro v2.6.9 contains a path traversal flaw in its template upload feature that allows authenticated administrators to upload malicious files and execute arbitrary PHP code on the server. An attacker with admin credentials can craft a specially crafted ZIP archive with directory traversal sequences (such as '../') in filenames to escape the intended upload directory, overwrite legitimate template files, or inject malicious code that gets executed by the web server. This is a post-authentication vulnerability, meaning the attacker must already have admin access to the Emlog installation.