Filtered by vendor Emoncms
Subscriptions
Filtered by product Emoncms
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60938 | 1 Emoncms | 1 Emoncms | 2025-10-27 | 7.5 High |
| Emoncms 11.7.3 has a remote code execution vulnerability in the firmware upload feature that allows authenticated users to execute arbitrary commands on the target system. The vulnerability stems from insufficient input validation of user-controlled parameters including filename, port, baud_rate, core, and autoreset within the /admin/upload-custom-firmware endpoint. | ||||
| CVE-2025-60936 | 1 Emoncms | 1 Emoncms | 2025-10-27 | 6.1 Medium |
| Emoncms 11.7.3 is vulnerable to Cross Site in the input handling mechanism. This vulnerability allows authenticated attackers with API access to inject malicious JavaScript code that executes when administrators view the application logs. | ||||
| CVE-2023-33518 | 1 Emoncms | 1 Emoncms | 2025-01-08 | 5.3 Medium |
| emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request. | ||||
Page 1 of 1.