CVE-2025-8530 | elunez eladmin up to 2.7 Druid application-prod.yml login-username/login-password default credentials (Issue 883)

Inserito da Angelo Barbosa | Ago 4, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-systemsrcmainresourcesconfigapplication-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials.

This vulnerability is handled as CVE-2025-8530. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8530 | elunez eladmin up to 2.7 Druid application-prod.yml login-username/login-password default credentials (Issue 883)

Post correlati

CVE-2024-4760 | Microchip SAME70/SAMS70/SAMV70/SAMV71 EEFC NVM Controller unknown vulnerability

CVE-2024-12296 | ApusTheme Apus Framework Plugin up to 2.3 on WordPress import_page_options authorization

CVE-2024-53850 | pluginsGLPI addressing 3.0.0/3.0.1/3.0.2 IP Report externally-controlled input to select classes or code (GHSA-fw42-79gw-7qr9)

CVE-2025-1043 | awsmin Embed Any Document Plugin up to 2.7.5 on WordPress Shortcode embeddoc server-side request forgery