CVE-2026-10550

Summary of CVE-2026-10550 (elunez eladmin) : Affects eladmin up to 2.7; the vulnerability targets the Application Deployment Module, specifically the App.java component. The issue arises from manipulating the uploadPath argument, enabling command injection and remote code execution. Public exploi...

EUVD-2025-9758

Malicious code in bioql PyPI...

EUVD-2025-25382

Malicious code in bioql PyPI...

EUVD-2025-27107

Malicious code in bioql PyPI...

EUVD-2025-15096

Malicious code in bioql PyPI...

EUVD-2024-48379

Malicious code in bioql PyPI...

EUVD-2025-23562

Malicious code in bioql PyPI...

CVE-2025-10084 elunez eladmin SysLogController 1 queryErrorLogDetail improper authorization

A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-9241

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...

CVE-2025-9241

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...

CVE-2025-9240 elunez eladmin info information disclosure

A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-9240 elunez eladmin info information disclosure

A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...

CVE-2025-9240

The CVE concerns elunez eladmin up to 2.7, with a vulnerability in the /auth/info functionality that leads to information disclosure. Exploitation is remote and publicly released. A fix is available: upgrade to version 2.8 or later (documented across PT-2025-34145, CNNVD/EUVD/NVD entries). Eviden...

PT-2025-34145 · Elunez · Eladmin

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A security flaw has been discovered in elunez eladmin up to version 2.7. This issue affects an unknown functionality of the file /auth/info. Manipulation of this functionality results in...

PT-2025-34151 · Unknown · Elunez Eladmin

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A weakness has been identified in the exportUser function, which can lead to CSV injection. The attack can be initiated remotely and the exploit has been made publicly available...

CVE-2025-8530

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument...

CVE-2025-8530

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument...

CVE-2025-8530

CVE-2025-8530 affects elunez eladmin up to 2.7, with the Druid component’s configuration file eladmin-system/src/main/resources/config/application-prod.yml where manipulation of login-username/login-password can cause default credentials to be used. This vulnerability can be exploited remotely, a...

ELADMIN 安全漏洞

ELADMIN is a backend management system for elunez individual developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from the use of default credentials that allow an attacker to remotely log in directly and disclose sensitive information...

CVE-2024-7458

A vulnerability was found in elunez eladmin up to 2.7 and classified as critical. This issue affects some unknown processing of the file /api/deploy/upload /api/database/upload of the component Database Management/Deployment Management. The manipulation of the argument file leads to path traversa...