CVE-2026-10550 | elunez eladmin up to 2.7 Application Deployment App.java uploadPath command injection (Issue 899)

Inserito da Angelo Barbosa | Giu 1, 2026 | CVE

A vulnerability was found in elunez eladmin up to 2.7. It has been classified as critical. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection.

This vulnerability is registered as CVE-2026-10550. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-10550 | elunez eladmin up to 2.7 Application Deployment App.java uploadPath command injection (Issue 899)

Post correlati

CVE-2024-9456 | WP Awesome Login Plugin up to 0.4.0 on WordPress SVG File Upload cross site scripting

CVE-2026-28089 | ThemeREX Daiquiri Plugin up to 1.2.4 on WordPress filename control

CVE-2026-35176 | trabucayre openFPGALoader up to 1.1.1 pof File Parser POFParser::parseSection out-of-bounds

CVE-2026-5803 | bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c API Proxy Endpoint server.js Query server-side request forgery