Search Results | AttackerKB

Show filters

Topics 44 Users 9,732

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

44 Total Results

Displaying 41-44 of 44

Attacker Value

Unknown

CVE-2021-3293

Disclosure Date: February 08, 2021 (last updated November 28, 2024)

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2019-17073

Disclosure Date: October 01, 2019 (last updated November 27, 2024)

emlog through 6.0.0beta allows remote authenticated users to delete arbitrary files via admin/template.php?action=del&tpl=../ directory traversal.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-16868

Disclosure Date: September 25, 2019 (last updated November 27, 2024)

emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2018-18316

Disclosure Date: October 15, 2018 (last updated November 27, 2024)

emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.

0