CVE-2021-3293
5.3 MEDIUMemlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file
Published: 2021-02-08 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 5.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
| Vendor | Product |
|---|---|
| emlog | emlog |
Description
emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3293
- [Exploit reference]https://github.com/emlog/emlog/issues/62
- [Exploit reference]https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md
- [Exploit reference]https://github.com/emlog/emlog/issues/62
- [Exploit reference]https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md
Related CVEs
Same vendor
- CVE-2026-39276 — The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbi... (7.2 HIGH)