ritt

8 exploits Active since Jan 2020
CVE-2025-62618 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Arbitrary HTML File Upload and Credential Theft
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or crack the password hash offline. In ELOG 3.1.5-20251014 release, HTML files are rendered as plain text.
CVSS 8.0
CVE-2025-64348 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Configuration File Overwrite and Denial of Service
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow shell commands or self-registration.
CVSS 7.1
CVE-2025-64349 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Account Takeover via Profile Modification
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.
CVSS 8.8
CVE-2019-20375 WRITEUP MEDIUM WRITEUP
Electronic Logbook 3.1.4 - Cross-Site Scripting via Localization Value Parameter
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c.
CVSS 6.1
CVE-2019-20376 WRITEUP MEDIUM WRITEUP
Electronic Logbook 3.1.4 - Cross-Site Scripting via SVG Document
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c.
CVSS 6.1
CVE-2025-62618 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Arbitrary HTML File Upload and Credential Theft
ELOG allows an authenticated user to upload arbitrary HTML files. The HTML content is executed in the context of other users when they open the file. Because ELOG includes usernames and password hashes in certain HTTP requests, an attacker can obtain the target's credentials and replay them or crack the password hash offline. In ELOG 3.1.5-20251014 release, HTML files are rendered as plain text.
CVSS 8.0
CVE-2025-64348 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Configuration File Overwrite and Denial of Service
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow shell commands or self-registration.
CVSS 7.1
CVE-2025-64349 WRITEUP HIGH WRITEUP
elog < 3.1.5-20251014 - Authenticated Account Takeover via Profile Modification
ELOG allows an authenticated user to modify another user's profile. An attacker can edit a target user's email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.
CVSS 8.8