NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-42287

Summary	Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction. This issue has been patched in version 2.6.11.
Publication Date	May 9, 2026, 7:16 a.m.
Registration Date	May 10, 2026, 4:09 a.m.
Last Update	May 9, 2026, 7:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/emlog/emlog/security/advisories/GHSA-xxj8-fc63-j3gw	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-89	SQLインジェクション	https://cwe.mitre.org/data/definitions/89.html