Every CVE whose affected-product data names Elog Project Elog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-64349 — CVSS 8.8 (high): ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a…
CVE-2025-62618 — CVSS 8.0 (high): ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open…
CVE-2019-3993 — CVSS 7.5 (high): ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's…
CVE-2019-3994 — CVSS 7.5 (high): ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker…
CVE-2019-3995 — CVSS 7.5 (high): ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated…
CVE-2019-3992 — CVSS 7.5 (high): ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the…
CVE-2025-64348 — CVSS 7.1 (high): ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is…
CVE-2019-3996 — CVSS 6.5 (medium): ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.