Stefan Ritt: >> Elog Web Logbook Security Vulnerabilities
Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
5.0
EPSS Score
0.013
Published
2006-01-21
Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.
CVSS Score
7.5
EPSS Score
0.135
Published
2005-05-02
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
CVSS Score
7.5
EPSS Score
0.006
Published
2005-05-02
Page 2