CVE-2026-34788 in Emlog정보

요약 (영어)

Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulnerability exists in include/model/tag_model.php at line 168. The updateTagName() function directly interpolates user input into the SQL query string without using parameterized queries or proper escaping ($this->db->escape_string()), making it vulnerable to SQL injection attacks. At time of publication, there are no publicly available patches.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

책임이 있는

GitHub_M

예약하다

2026. 03. 30.

공개

2026. 04. 04.

상태

확인됨

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
355249	Emlog Query String tag_model.php updateTagName SQL 주입	89	정의되지 않음	정의되지 않음	CVE-2026-34788

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

출처

◂ 이전개요다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!