andyzeng

1 exploit Active since Dec 2025
CVE-2025-61318 WRITEUP CRITICAL WRITEUP
Emlog Pro 2.5.20 - Path Traversal and Arbitrary File Deletion via Admin Template and Plugin Components
Emlog Pro 2.5.20 has an arbitrary file deletion vulnerability. This vulnerability stems from the admin/template.php component and the admin/plugin.php component. They fail to perform path verification and dangerous code filtering for deletion parameters, allowing attackers to exploit this feature for directory traversal.
CVSS 9.1