emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles.
CPE | Name | Operator | Version |
---|---|---|---|
emlog | eq | 5.3.1 | |
emlog | eq | emlog_5.2.0 | |
emlog | eq | emlog_5.2.1 | |
emlog | eq | 6.0.0 | |
emlog | eq | emlog_5.3.0 | |
emlog | eq | emlog_5.1.3 | |
emlog | eq | emlog_5.1.2 |