Filtered by vendor Psi Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-20376 1 Psi 1 Electronic Logbook 2024-08-05 6.1 Medium
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c.
CVE-2019-20375 1 Psi 1 Electronic Logbook 2024-08-05 6.1 Medium
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c.
CVE-2020-8859 1 Psi 1 Electronic Logbook 2024-08-04 7.5 High
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger the dereference of a null pointer. An attacker can leverage this vulnerability to create a denial-of-service condition. Was ZDI-CAN-10115.