VYPR
Unrated severityOSV Advisory· Published Dec 8, 2025· Updated Dec 8, 2025

CVE-2025-61318

CVE-2025-61318

Description

Emlog Pro 2.5.20 has an arbitrary file deletion vulnerability. This vulnerability stems from the admin/template.php component and the admin/plugin.php component. They fail to perform path verification and dangerous code filtering for deletion parameters, allowing attackers to exploit this feature for directory traversal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Emlog/EmlogOSV2 versions
    5.3.1, 6.0.0, 6.1.0, …+ 1 more
    • (no CPE)range: 5.3.1, 6.0.0, 6.1.0, …
    • (no CPE)range: = 2.5.20

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.