Browse all 4 CVE security advisories affecting ELOG. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ELOG is a web-based electronic logbook system primarily used for scientific and technical documentation. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These weaknesses often stem from insufficient input validation and improper access controls. The system's 4 recorded CVEs highlight persistent security concerns, particularly around authenticated functionality. While no major public security incidents have been widely documented, the consistent discovery of vulnerabilities in its codebase suggests ongoing security challenges for organizations implementing this logging solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64349 | ELOG user profile missing authorization — ELOGCWE-862 | 8.8 | High | 2025-10-31 |
| CVE-2025-64348 | ELOG configuration file authorization bypass — ELOGCWE-862 | 7.1 | High | 2025-10-31 |
| CVE-2025-62618 | ELOG file upload stored XSS — ELOGCWE-434 | 8.0 | High | 2025-10-31 |
| CVE-2020-8859 | ELOG Electronic Logbook 代码问题漏洞 — Electronic LogbookCWE-476 | 7.5 | - | 2020-03-23 |
This page lists every published CVE security advisory associated with ELOG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.