Описание
A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Ссылки
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 2.7 (включая)
cpe:2.3:a:eladmin:eladmin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 4%
0.00019
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-266
Связанные уязвимости
CVSS3: 4.3
github
5 месяцев назад
A vulnerability was identified in elunez eladmin up to 2.7. This affects the function queryErrorLogDetail of the file /api/logs/error/1 of the component SysLogController. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
EPSS
Процентиль: 4%
0.00019
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-266