CVE-2026-10550

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

CVE-2026-10550 elunez eladmin Application Deployment App.java command injection

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

CVE-2025-70997

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level...

CVE-2025-70997

The CVE-2025-70997 entry concerns eladmin v2.7 and earlier, where an arbitrary user password reset is possible under any user permission level. The connected Red Hat, NVD, CVE listings, and regional advisories all describe the same issue, attributing it to eladmin without detailing the root cause...

EUVD-2025-206813

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level...

ELADMIN 安全漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability allowing arbitrary user password resets, which could lead to password resets at any user...

EUVD-2024-41068

Malicious code in bioql PyPI...

EUVD-2025-3061

Malicious code in bioql PyPI...

EUVD-2025-25399

Malicious code in bioql PyPI...

EUVD-2024-41067

Malicious code in bioql PyPI...

ELADMIN 授权问题漏洞

ELADMIN is a backend management system for elunez individual developers. An authorization issue vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from an improper authorization issue in the /api/logs/error/1 file...

CVE-2025-9239

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

CVE-2025-9241

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...

CVE-2025-9241 elunez eladmin exportUser csv injection

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...

CVE-2025-9240

A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-9239

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...

CVE-2025-9239

The CVE-2025-9239 vulnerability affects elunez eladmin up to version 2.7, specifically the EncryptUtils class in the DES Key Handler (eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java). Manipulating the STR PARAM input (example: Passw0rd) results in inadequate encryption strength. ...

ELADMIN 安全漏洞

ELADMIN is a backend management system for elunez personal developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from the exportUser function not escaping and filtering exported CSV content, which allows remote attackers to inject malicious CSV loads...

PT-2025-34151 · Unknown · Elunez Eladmin

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A weakness has been identified in the exportUser function, which can lead to CSV injection. The attack can be initiated remotely and the exploit has been made publicly available...

ELADMIN 安全漏洞

ELADMIN is a backend management system for elunez individual developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from improper DES key handling that may result in insufficient encryption strength...