Path Traversal Vulnerability in Emlog Pro by Emlog
CVE-2026-39276
7.2HIGH
What is CVE-2026-39276?
The template upload feature in Emlog Pro v2.6.9 contains a path traversal vulnerability that can be exploited by authenticated administrators. This flaw enables attackers to upload malicious ZIP files crafted with directory traversal sequences in their filenames. Such an action can lead to the overwriting of default template files or direct inclusion of malicious PHP code, posing significant risks to the integrity and security of the affected system.
