VYPR
Vendor

Emoncms

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2025-22992CriFeb 6, 2025
    risk 0.64cvss 9.8epss 0.00

    A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific…

  • CVE-2021-26716MedFeb 21, 2021
    risk 0.40cvss 6.1epss 0.01

    Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.

  • CVE-2017-5964MedFeb 12, 2017
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/vis/visualisations/compare.php" URL. An attacker could execute arbitrary HTML and…

  • CVE-2023-33518MedJun 5, 2023
    risk 0.34cvss 5.3epss 0.00

    emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request.