CVE-2025-10084

Medium CVSS: 5.3

A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

Vendor

Eladmin

Product

Eladmin

CWE

CWE-266

Yayın Tarihi

2025-09-08 05:15:34

Güncelleme

2025-10-31 14:41:38

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-266 Eladmin MEDIUM Eladmin 2025

Referanslar

https://vuldb.com/?ctiid.323040 https://vuldb.com/?id.323040 https://vuldb.com/?submit.644658 https://www.cnblogs.com/aibot/p/19063331

Benzer Kayıtlar

Medium

CVE-2025-70997

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password…

Low

CVE-2025-10014

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/upda…

Medium

CVE-2025-9241

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation caus…

Medium

CVE-2025-9240

A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of…

Medium

CVE-2025-9239

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils…

Medium

CVE-2025-8530

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue…