CVE-2025-22978

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions eladmin versions <=2.7

Description The issue concerns CSV injection in the exception log download module. This allows for potential data manipulation or extraction. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For eladmin versions <=2.7, update to a version that includes a fix for the CSV injection issue in the exception log download module. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-77

Related Identifiers

CVE-2025-22978

Affected Products

Eladmin

CVE-2025-22978

Weakness Enumeration

Related Identifiers

Affected Products

References · 6