CVE-2026-42287

Sažetak

Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction. This issue has been patched in version 2.6.11.

Reference

https://github.com/emlog/emlog/security/advisories/GHSA-xxj8-fc63-j3gw
https://github.com/emlog/emlog/security/advisories/GHSA-xxj8-fc63-j3gw

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

11-05-2026 - 19:16

Objavljeno

08-05-2026 - 22:16