Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
CVE-2026-42287: Emlog versions before 2.6.11 allow SQL attacks on database
CVE-2026-42287
Summary
Emlog, a website building system, had a security weakness that allowed hackers to access and manipulate its database. This could lead to the theft of sensitive information or even destroy the system. The issue has been fixed in version 2.6.11, so update to the latest version to ensure security.
Original title
Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potential...
Original description
Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction. This issue has been patched in version 2.6.11.
nvd CVSS4.0
10.0
Vulnerability type
CWE-89
SQL Injection
Published: 8 May 2026 · Updated: 28 May 2026 · First seen: 8 May 2026