Ghostwire

CVE-2026-41517: Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows...

UNKNOWN CVSS 0.0 1 PoC

Published: May 8, 2026 | Last Modified: May 8, 2026

Description

Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server compromise and persistent backdoor installation. This issue has been patched in version 2.6.11.

Ghostwire Analysis — What This Means Practically

1 proof-of-concept exploit available on GitHub. Public exploit code lowers the barrier for both researchers and attackers.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

CVE-2026-41517: Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows...

Description

Ghostwire Analysis — What This Means Practically

Proof-of-Concept Exploits (1)

Security Coverage (1 articles)

References