CVE-2026-39276 - Vulnerability Details

- Authenticated Admin Path Traversal Enables PHP Code Execution in Emlog Pro

Description

The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or directly include malicious code files in the current template.

Published: 2026-05-29

Score: 7.2 High

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Impact

The flaw lies in the template upload feature of Emlog Pro 2.6.9, where an authenticated administrator can deliver a crafted ZIP archive that contains filenames with directory traversal sequences. Uploading such a file allows the attacker to overwrite existing template files or place new files in the template folder, resulting in the inclusion of arbitrary PHP code during normal site operation. The impact is remote code execution with the privileges of the authenticated admin, enabling full control over the affected web server and data.

Affected Systems

This vulnerability affects the Emlog Pro content management system, specifically version 2.6.9; any installation using that version hosts the template upload functionality.

Risk and Exploitability

Because the exploitation requires an authenticated administrator account, the risk is limited to environments where strong admin controls are insufficient or where attackers can compromise an admin credential. No EPSS score is publicly available, and the vulnerability is not listed in the CISA KEV catalog. The CVSS score of 7.2 indicates a high severity level. Attackers who gain admin access can leverage the path traversal weakness to execute code, making this a serious threat for sites that rely on the template upload feature.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update or upgrade Emlog Pro to a patched version that removes the path traversal flaw in the template upload module.
If an update is unavailable, restrict the template upload capability to trusted accounts only and enforce strict filename validation to disallow traversal characters before saving files.
Remove or guard the template directory from executing PHP files, for example by setting proper directory permissions or using web server configuration to block code execution within the templates folder.

Generated by OpenCVE AI on May 29, 2026 at 23:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation poc

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/LING12138-sg/Emlog-v2.6.9-Vulnerability-Report
https://www.emlog.net/

History

Fri, 29 May 2026 23:45:00 +0000

Type	Values Removed	Values Added
Title		Authenticated Admin Path Traversal Enables PHP Code Execution in Emlog Pro

Fri, 29 May 2026 22:15:00 +0000

Type	Values Removed	Values Added
Title	Authenticated Path Traversal in Emlog Pro 2.6.9 Allows Remote PHP Execution
Weaknesses	CWE-94

Fri, 29 May 2026 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 29 May 2026 18:00:00 +0000

Type	Values Removed	Values Added
Title		Authenticated Path Traversal in Emlog Pro 2.6.9 Allows Remote PHP Execution
Weaknesses		CWE-22 CWE-94

Fri, 29 May 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or directly include malicious code files in the current template.
References		https://github.com/LING12138-sg/Emlog-v2.6.9-Vulnerability-Report https://www.emlog.net/

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-05-29T00:00:00.000Z

Updated: 2026-05-29T19:31:52.277Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-39276

Vulnrichment

Updated: 2026-05-29T19:31:09.624Z

NVD

Status : Received

Published: 2026-05-29T16:16:26.833

Modified: 2026-05-29T20:16:23.160

Link: CVE-2026-39276

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-29T23:30:10Z

Weaknesses

CWE-22

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation poc

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object