Klogserver Klog Server — known CVE vulnerabilities
Every CVE whose affected-product data names Klogserver Klog Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-35729 — CVSS 9.8 (critical): KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.
CVE-2021-3317 — CVSS 8.8 (high): KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source…