Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.1
CVE-2026-10550: Elunez Eladmin 2.7 Allows Remote Code Execution
CVE-2026-10550
Summary
An unknown issue in Elunez Eladmin's Application Deployment Module could allow attackers to execute malicious code remotely. This could happen if an attacker exploits a publicly available exploit. We recommend checking with the project for a fix or considering an alternative solution until this issue is resolved.
Original title
A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the arg...
Original description
A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
2.1
Vulnerability type
CWE-74
Injection
CWE-77
Command Injection
Published: 2 Jun 2026 · Updated: 2 Jun 2026 · First seen: 2 Jun 2026