34 matches found
CVE-2026-3719
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
EUVD-2026-10223
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-3719
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
CVE-2026-3719
CVE-2026-3719 affects Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The issue arises from processing the file path in /System/Cms/downLoad, enabling path traversal. The vulnerability can be exploited remotely; the exploit is publicly available and may be used. Public details ind...
CVE-2026-3719 Tsinghua Unigroup Electronic Archives System downLoad path traversal
A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly...
Tsinghua Unigroup Electronic Archives System 路径遍历漏洞
Tsinghua Unigroup Electronic Archives System is an electronic archive management system of Tsinghua Unigroup. Version 3.2.21080262532 of Tsinghua Unigroup Electronic Archives System has a path traversal vulnerability. This vulnerability arises from incorrect handling of the parameter “path” in th...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
Tsinghua Unigroup Electronic Archives System 代码问题漏洞
Tsinghua Unigroup Electronic Archives System is an electronic archive management system of Tsinghua Unigroup. There are code issues and vulnerabilities in versions 3.2.21080262532 and earlier of Tsinghua Unigroup Electronic Archives System. These vulnerabilities stem from incorrect handling of th...
CVE-2026-2684
CVE-2026-2684 affects the Tsinghua Unigroup Electronic Archives System (up to 3.2.210802[62532]). The vulnerability resides in an unknown function handling the file upload at /Archive/ErecordManage/uploadFile.html, where manipulating the argument File enables an unrestricted upload. This can be e...
CVE-2026-2684 Tsinghua Unigroup Electronic Archives System uploadFile.html unrestricted upload
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be...
CVE-2026-2683
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2682
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2683
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683 Tsinghua Unigroup Electronic Archives System downLoad.html path traversal
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683 Tsinghua Unigroup Electronic Archives System downLoad.html path traversal
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The...
CVE-2026-2683
CVE-2026-2683 concerns Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The vulnerability lies in an unknown function within /Using/Subject/downLoad.html where manipulation of the path argument enables path traversal. The issue appears exploitable remotely and a public exploit has ...
CVE-2026-2682 Tsinghua Unigroup Electronic Archives System prinReport.html sql injection
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.21080262532. Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The...
CVE-2026-2672
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. Affected by this vulnerability is the function Download of the file /Search/Subject/downLoad. Performing a manipulation of the argument path results in path traversal. The attack is possible to be...
CVE-2026-2672 Tsinghua Unigroup Electronic Archives System downLoad download path traversal
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.21080262532. Affected by this vulnerability is the function Download of the file /Search/Subject/downLoad. Performing a manipulation of the argument path results in path traversal. The attack is possible to be...
CVE-2026-2672
CVE-2026-2672 affects Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The vulnerability lies in the Download function for the file /Search/Subject/downLoad, where manipulating the path argument triggers a path traversal. Exploitation is possible remotely; PoC/public exploit exists...