bGl1o

2 exploits Active since Mar 2025
CVE-2025-29401 WRITEUP CRITICAL WRITEUP
emlog pro 2.5.7 - Arbitrary File Upload and Remote Code Execution via Plugin.php
An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 9.8
CVE-2025-29405 WRITEUP MEDIUM WRITEUP
emlog 2.5.1-2.5.6 - Arbitrary File Upload via Template Admin Endpoint
An arbitrary file upload vulnerability in the component /admin/template.php of emlog pro 2.5.0 and pro 2.5.* allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 6.3