CVE-2026-42287
CriticalSummary
Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allowed attackers to execute arbitrary SQL commands.
Risk Assessment
This vulnerability could lead to complete database compromise, data theft, or system destruction, posing a serious threat to organizations.
Recommendation
It is recommended to upgrade to version 2.6.11 or later to mitigate this vulnerability.
Original NVD description (English source)
Emlog is an open source website building system. Prior to version 2.6.11, direct SQL injection in article creation and update functions allows attackers to execute arbitrary SQL commands, potentially leading to complete database compromise, data theft, or system destruction. This issue has been patched in version 2.6.11.

