CVE-2025-5119 | Emlog Pro 2.5.11 api_controller.php tag sql injection

Inserito da Angelo Barbosa | Mag 23, 2025 | CVE

A vulnerability has been found in Emlog Pro 2.5.11 and classified as critical. This vulnerability affects unknown code of the file /include/controller/api_controller.php. The manipulation of the argument tag leads to sql injection.

This vulnerability was named CVE-2025-5119. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability.

CVE-2025-5119 | Emlog Pro 2.5.11 api_controller.php tag sql injection

Post correlati

CVE-2023-6737 | Enable Media Replace Plugin up to 4.1.4 on WordPress cross site scripting

CVE-2024-12837 | Imagination Technologies Graphics DDK up to 24.3 RTM GPU System Call use after free

CVE-2024-3393 | Palo Alto Networks Cloud NGFW/PAN-OS DNS Security unusual condition

CVE-2024-47413 | Adobe Animate up to 23.0.7/24.0.4 use after free (apsb24-76)