| عنوان | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) File and Directory Information Exposure |
|---|
| الوصف | A remote path traversal vulnerability in Tsinghua Unigroup Electronic Archives System 3.2.210802 (62532) allows unauthenticated attackers to retrieve arbitrary files from the underlying server via manipulation of the path parameter in the /System/Cms/downLoad interface. Exploitation of this vulnerability allows attackers to read arbitrary files on the server, which may expose sensitive configuration files, credentials, or other confidential information. |
|---|
| المصدر | ⚠️ https://github.com/luoye197-prog/cve-ziguang-filereadnew |
|---|
| المستخدم | lanmeik (UID 95270) |
|---|
| ارسال | 23/02/2026 10:29 AM (2 أشهر منذ) |
|---|
| الاعتدال | 07/03/2026 01:17 PM (12 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 349662 [Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) /System/Cms/downLoad path اجتياز الدليل] |
|---|
| النقاط | 20 |
|---|