Eladmin

Eladmin

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-70997

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.02.2026 00:00:00
  • Zuletzt bearbeitet 12.02.2026 18:16:08

A vulnerability has been discovered in eladmin v2.7 and before. This vulnerability allows for an arbitrary user password reset under any user permission level.

4.3

CVE-2025-10084

Exploit
  • EPSS 0.03%
  • Veröffentlicht 08.09.2025 05:02:16
  • Zuletzt bearbeitet 31.10.2025 14:41:38

A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate th...

3.1

CVE-2025-10014

Exploit
  • EPSS 0.03%
  • Veröffentlicht 05.09.2025 17:32:07
  • Zuletzt bearbeitet 31.10.2025 14:47:01

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorizatio...

7.5

CVE-2025-9241

Exploit
  • EPSS 0.04%
  • Veröffentlicht 20.08.2025 19:32:05
  • Zuletzt bearbeitet 31.10.2025 19:09:13

A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

4.3

CVE-2025-9240

Exploit
  • EPSS 0.03%
  • Veröffentlicht 20.08.2025 18:32:06
  • Zuletzt bearbeitet 31.10.2025 19:16:18

A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has bee...

3.7

CVE-2025-9239

Exploit
  • EPSS 0.02%
  • Veröffentlicht 20.08.2025 18:02:08
  • Zuletzt bearbeitet 31.10.2025 19:18:05

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of...

7.5

CVE-2025-8530

Exploit
  • EPSS 0.05%
  • Veröffentlicht 04.08.2025 23:02:06
  • Zuletzt bearbeitet 12.09.2025 16:09:34

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. T...

6.5

CVE-2025-3250

  • EPSS 0.21%
  • Veröffentlicht 04.04.2025 15:00:15
  • Zuletzt bearbeitet 15.05.2025 20:44:17

A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7. Affected by this issue is some unknown functionality of the file /api/database/testConnect of the component Maintenance Management Module. The manipulation le...

7.2

CVE-2025-2855

Exploit
  • EPSS 1.01%
  • Veröffentlicht 27.03.2025 15:31:04
  • Zuletzt bearbeitet 06.05.2025 19:07:02

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is the function checkFile of the file /api/deploy/upload. The manipulation of the argument servers leads to deserialization. The ...

9.8

CVE-2025-22978

Exploit
  • EPSS 0.72%
  • Veröffentlicht 03.02.2025 20:15:36
  • Zuletzt bearbeitet 20.01.2026 21:16:02

eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module.