Stefan Ritt Elog Web Logbook — known CVE vulnerabilities
Every CVE whose affected-product data names Stefan Ritt Elog Web Logbook, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2005-0439 — CVSS 7.5 (high): Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with…
CVE-2005-0440 — CVSS 7.5 (high): ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write…
CVE-2006-5790 — CVSS 7.5 (high): Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to cause a denial of service (crash) and…
CVE-2006-0597 — CVSS 7.5 (high): Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application…
CVE-2006-0598 — CVSS 7.5 (high): Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log…
CVE-2006-5063 — CVSS 5.1 (medium): Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote attackers to inject arbitrary web script or HTML by editing log…
CVE-2006-0599 — CVSS 5.0 (medium): The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username…
CVE-2006-0347 — CVSS 5.0 (medium): Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via…
CVE-2006-0348 — CVSS 5.0 (medium): Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server…
CVE-2006-0600 — CVSS 5.0 (medium): elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter…
CVE-2006-6318 — CVSS 5.0 (medium): The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of service (daemon…
CVE-2008-7206 — CVSS 4.3 (medium): Unspecified vulnerability in Electronic Logbook (ELOG) before 2.7.2 has unknown impact and attack vectors when the "logbook contains HTML…
CVE-2006-5791 — CVSS 2.6 (low): Multiple cross-site scripting (XSS) vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to inject arbitrary HTML or…