Filtered by vendor Psi
Subscriptions
Filtered by product Electronic Logbook
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-20376 | 1 Psi | 1 Electronic Logbook | 2024-08-05 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c. | ||||
CVE-2019-20375 | 1 Psi | 1 Electronic Logbook | 2024-08-05 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c. | ||||
CVE-2020-8859 | 1 Psi | 1 Electronic Logbook | 2024-08-04 | 7.5 High |
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition. Was ZDI-CAN-10115. |
Page 1 of 1.