Emoncms
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-22992 | Cri | 0.64 | 9.8 | 0.00 | Feb 6, 2025 | A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific… | ||
| CVE-2021-26716 | Med | 0.40 | 6.1 | 0.01 | Feb 21, 2021 | Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter. | ||
| CVE-2017-5964 | Med | 0.40 | 6.1 | 0.01 | Feb 12, 2017 | An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/vis/visualisations/compare.php" URL. An attacker could execute arbitrary HTML and… | ||
| CVE-2023-33518 | Med | 0.34 | 5.3 | 0.00 | Jun 5, 2023 | emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request. |
- risk 0.64cvss 9.8epss 0.00
A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query parameter, allowing attackers to execute arbitrary SQL commands under specific…
- risk 0.40cvss 6.1epss 0.01
Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.
- risk 0.40cvss 6.1epss 0.01
An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/vis/visualisations/compare.php" URL. An attacker could execute arbitrary HTML and…
- risk 0.34cvss 5.3epss 0.00
emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request.