Name of the Vulnerable Software and Affected Versions:

elunez eladmin versions up to 2.7

Description:

A vulnerability exists in elunez eladmin that affects the `queryErrorLogDetail` function within the `SysLogController` component. The vulnerability is located in the file `/api/logs/error/1` and leads to improper authorization. It is possible to initiate the attack remotely.

Recommendations:

Versions prior to 2.8 should be updated.

As a temporary workaround, consider restricting access to the `/api/logs/error/1` API endpoint until a patch is available.