37 matches found
CVE-2026-3719
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
EUVD-2026-10223
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-3719 Tsinghua Unigroup Electronic Archives System downLoad path traversal
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
PT-2026-23925
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
Tsinghua Unigroup Electronic Archives System 路径遍历漏洞
Tsinghua Unigroup Electronic Archives System is an electronic archive management system of Tsinghua Unigroup. Version 3.2.21080262532 of Tsinghua Unigroup Electronic Archives System has a path traversal vulnerability. This vulnerability arises from incorrect handling of the parameter “path” in th...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2684
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be...
Tsinghua Unigroup Electronic Archives System 代码问题漏洞
Tsinghua Unigroup Electronic Archives System is an electronic archive management system of Tsinghua Unigroup. There are code issues and vulnerabilities in versions 3.2.21080262532 and earlier of Tsinghua Unigroup Electronic Archives System. These vulnerabilities stem from incorrect handling of th...
CVE-2026-2684 Tsinghua Unigroup Electronic Archives System uploadFile.html unrestricted upload
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be...
CVE-2026-2684
CVE-2026-2684 affects the Tsinghua Unigroup Electronic Archives System (up to 3.2.210802[62532]). The vulnerability resides in an unknown function handling the file upload at /Archive/ErecordManage/uploadFile.html, where manipulating the argument File enables an unrestricted upload. This can be e...
CVE-2026-2683
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2683
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683 Tsinghua Unigroup Electronic Archives System downLoad.html path traversal
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683 Tsinghua Unigroup Electronic Archives System downLoad.html path traversal
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683
CVE-2026-2683 concerns Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The vulnerability lies in an unknown function within /Using/Subject/downLoad.html where manipulation of the path argument enables path traversal. The issue appears exploitable remotely and a public exploit has ...
CVE-2026-2682 Tsinghua Unigroup Electronic Archives System prinReport.html sql injection
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2682
CVE-2026-2682 affects Tsinghua Unigroup Electronic Archives System up to version 3.2.210802(62532). The vulnerability is a SQL injection in an unknown function exposed via the URL path /mine/PublicReport/prinReport.html?token=java, where manipulating the comid argument leads to injection. The att...
CVE-2026-2672
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. Affected by this vulnerability is the function Download of the file /Search/Subject/downLoad. Performing a manipulation of the argument path results in path traversal. The attack is possible to be...