EUVD-2025-208583

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges...

CVE-2025-67036

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges...

Lantronix EDS5000 安全漏洞

The Lantronix EDS5000 is a serial port device server developed by the American company Lantronix. The Lantronix EDS5000 2.1.0.0R3 version contains a security vulnerability. This vulnerability stems from improper handling of the parameter for the Log Info page file name. It could allow authenticat...

CVE-2025-67036

CVE-2025-67036 affects Lantronix EDS5000 series (notably 2.1.0.0R3) where the Log Info page allows log file viewing by name. A missing sanitization in the file name parameter enables an authenticated attacker to inject arbitrary OS commands, executed with root privileges, leading to a high-severi...

CVE-2025-67036

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenticated attacker can inject arbitrary OS commands that are executed with root privileges...

CVE-2026-2107

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...

CVE-2026-2107 yeqifu warehouse Log Info LoginfoController.java batchDeleteLoginfo improper authorization

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...

CVE-2026-2107

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...

EUVD-2026-5720

A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\LoginfoController.java of the component Log Info...

CVE-2026-2107

CVE-2026-2107 affects yeqifu warehouse (Log Info Handler). Multiple methods in LoginfoController (loadAllLoginfo, deleteLoginfo, batchDeleteLoginfo) enable improper authorization, with remote exploit capability. Public exploit exists; product uses no versioning, so affected/unaffected releases ar...

warehouse 授权问题漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There are authorization issues in Warehouse; these issues stem from incorrect operations in the component Log Info Handler, specifically in the file...

PT-2026-6915

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A flaw exists in the Log Info Handler component of yeqifu warehouse, specifically within the loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo functions located in the file...

EUVD-2025-178036

Malicious code in log-info-good-promise-user npm...

CVE-2025-45610

Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows attackers to access sensitive information via a crafted payload...

PassJava-Platform 安全漏洞

PassJava-Platform is a Spring Cloud open source system for interview brushing by Jackson0714 Individual Developer. A security vulnerability exists in PassJava-Platform version v3.0.0, which stems from improper access control of the component /scheduleLog/info/1, which could lead to access to...

CVE-2021-39739

CVE-2021-39739 affects Android 12L and is a vulnerability in the ArrayMap component where SMS contents could be leaked via log information disclosure. The root cause is information disclosure in ArrayMap that enables a local information leak with neither user interaction nor remote access require...