- Description
- A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:P/A:N
- Hype score
- Not currently trending
CVE-2024-13140 01/05/2025 12:15:05 PM BaseSeverity: MEDIUM A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the com... https://t.co/FWLYTenkuf
@CVETracker
6 Jan 2025
31 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
id: CVE-2024-13140 sourceIdentifier: cna@vuldb.com published: 01/05/2025 12:15:05 PM vulnStatus: Received BaseSeverity: MEDIUM BaseScore: 5.3 url: https://t.co/FWLYTenkuf
@CVETracker
6 Jan 2025
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13140 Publicly Disclosed Remote XSS in Emlog Pro Cover Upload Handler A problematic vulnerability exists in Emlog Pro up to version 2.4.3. It affects an unknown function in the file /admin/article.php?ac... https://t.co/wBAr7cTDc1
@VulmonFeeds
5 Jan 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13140 A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover … https://t.co/ySXkvNTMgC
@CVEnew
5 Jan 2025
723 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emlog:emlog:*:*:*:*:pro:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8FB7B59-8EC5-4925-8746-415CE377E073",
"versionEndIncluding": "2.4.3",
"versionStartIncluding": "2.4.0"
}
],
"operator": "OR"
}
]
}
]