CNNVD-202508-2353 Information

CNNVD ID

CNNVD-202508-2353

Related CVE

CVE-2025-9241

• CNNVD Published: 2025-08-20

Description (Chinese)

ELADMIN是elunez个人开发者的一个后台管理系统。 ELADMIN 2.7及之前版本存在安全漏洞，该漏洞源于exportUser函数未对导出 CSV 内容做转义过滤，导致远程攻击者可注入恶意 CSV 载荷。

Description (English)

ELADMIN is a back-office management system for the personal developers of Elunez. ELADMIN 2.7 and previous versions have a security loophole, which stems from the fact that the ExportUser function does not trans-filtrate the output of CSV, resulting in the remote attacker being injected into a malicious CSV payload.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-20

Last Modified

2026-02-24

References

https://vuldb.com/?submit.631473 https://vuldb.com/?id.320774 https://vuldb.com/?ctiid.320774 https://github.com/elunez/eladmin/issues/886#issue-3307309824 https://nvd.nist.gov/vuln/detail/CVE-2025-9241