Aggregator

A vulnerability was found in elunez eladmin up to 2.7. It has been classified as problematic. This affects the function exportUser. This manipulation causes csv injection. This vulnerability appears as CVE-2025-9241. The attack may be initiated remotely. In addition, an exploit is available.

vuldb.com

CVE-2025-9240 | elunez eladmin up to 2.7 /auth/info information disclosure (Issue 885)

VulDB Recent Entries

3 months 3 weeks ago

A vulnerability was found in elunez eladmin up to 2.7 and classified as problematic. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. This vulnerability is reported as CVE-2025-9240. The attack can be launched remotely. Moreover, an exploit is present.

vuldb.com

CVE-2025-9239 | elunez eladmin up to 2.7 DES Key EncryptUtils.java EncryptUtils STR_PARAM inadequate encryption (Issue 884)

VulDB Recent Entries

3 months 3 weeks ago

A vulnerability has been found in elunez eladmin up to 2.7 and classified as problematic. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. This vulnerability is documented as CVE-2025-9239. The attack can be initiated remotely. There is not any exploit available.

vuldb.com

Submit #634313: itsourcecode Insurance Management System V1.0 SQL Injection [Duplicate]

Vuldb Submit

3 months 3 weeks ago

Submit #634313 / VDB-199683

chessplayer

Submit #631473: elunez eladmin ≤ 2.7 CSV/XLSX Injection(CWE-1236) [Accepted]

Vuldb Submit

3 months 3 weeks ago

Submit #631473 / VDB-320774

ez-lbz

Submit #631424: elunez eladmin <=2.7 Sensitive Information Disclosure [Accepted]

Vuldb Submit

3 months 3 weeks ago

Submit #631424 / VDB-320773

ez-lbz

Submit #631393: elunez eladmin <=2.7 Hardcoded DES Key [Accepted]

Vuldb Submit

3 months 3 weeks ago

Submit #631393 / VDB-320772

ez-lbz

CVE-2025-9238 | Swatadru Exam-Seating-Arrangement up to 97335ccebf95468d92525f4255a2241d2b0b002f Student Login /student.php email sql injection

VulDB Recent Entries

3 months 3 weeks ago

A vulnerability, which was classified as critical, was found in Swatadru Exam-Seating-Arrangement up to 97335ccebf95468d92525f4255a2241d2b0b002f. Affected is an unknown function of the file /student.php of the component Student Login. Executing manipulation of the argument email can lead to sql injection. This vulnerability is registered as CVE-2025-9238. It is possible to launch the attack remotely. Furthermore, an exploit is available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

vuldb.com

CVE-2025-9237 | CodeAstro Ecommerce Website 1.0 Edit Your Account Page my_account.php?edit_account Username cross site scripting

VulDB Recent Entries

3 months 3 weeks ago

A vulnerability, which was classified as problematic, has been found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. This vulnerability is cataloged as CVE-2025-9237. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

【安全圈】突发！星链再次遭遇大规模网络中断

安全圈

3 months 3 weeks ago

关键词网络中断当地时间周一，马斯克旗下的星链（Starlink）卫星互联网服务发生短暂中断，影响遍及全球。

Aggregator

Managed ad