CNNVD-202510-4401 Information

CNNVD ID

CNNVD-202510-4401

Related CVE

CVE-2025-64349

• CNNVD Published: 2025-10-31

Description (Chinese)

ELog是Stefan Ritt个人开发者的一款有Web界面的电子日志软件。 ELog存在安全漏洞，该漏洞源于身份验证用户可修改其他用户资料，可能导致账户接管。

Description (English)

ELog is Stefan Ritt’s personal developer of an electronic log software with a Web interface. ELog has a security loophole, which stems from the fact that authentication users can modify other user information, which may lead to the account being taken over.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-31

Last Modified

2026-02-24

References

https://bitbucket.org/ritt/elog/commits/7092ff64f6eb9521f8cc8c52272a020bf3730946 https://bitbucket.org/ritt/elog/commits/f81e5695c40997322fe2713bfdeba459d9de09dc https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-304-01.json https://www.cve.org/CVERecord?id=CVE-2025-64349