High severity7.2NVD Advisory· Published May 29, 2026· Updated Jun 11, 2026
CVE-2026-39276
CVE-2026-39276
Description
The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or directly include malicious code files in the current template.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- www.emlog.netnvdProduct
News mentions
0No linked articles in our index yet.