Lucene search
+L
UnigroupElectronic Archives System

4 matches found

CVE
CVE
added 2026/02/18 11:32 p.m.30 views

CVE-2026-2684

CVE-2026-2684 affects the Tsinghua Unigroup Electronic Archives System (up to 3.2.210802[62532]). The vulnerability resides in an unknown function handling the file upload at /Archive/ErecordManage/uploadFile.html, where manipulating the argument File enables an unrestricted upload. This can be e...

9.8CVSS5.3AI score0.00487EPSS
Web
CVE
CVE
added 2026/02/18 9:32 p.m.22 views

CVE-2026-2672

CVE-2026-2672 affects Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The vulnerability lies in the Download function for the file /Search/Subject/downLoad, where manipulating the path argument triggers a path traversal. Exploitation is possible remotely; PoC/public exploit exists...

5.3CVSS5.4AI score0.00583EPSS
Web
CVE
CVE
added 2026/02/18 11:2 p.m.15 views

CVE-2026-2683

CVE-2026-2683 concerns Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The vulnerability lies in an unknown function within /Using/Subject/downLoad.html where manipulation of the path argument enables path traversal. The issue appears exploitable remotely and a public exploit has ...

5.3CVSS5.3AI score0.00543EPSS
Web
CVE
CVE
added 2026/02/18 10:32 p.m.12 views

CVE-2026-2682

CVE-2026-2682 affects Tsinghua Unigroup Electronic Archives System up to version 3.2.210802(62532). The vulnerability is a SQL injection in an unknown function exposed via the URL path /mine/PublicReport/prinReport.html?token=java, where manipulating the comid argument leads to injection. The att...

9.8CVSS5.5AI score0.00346EPSS
Web