| 제목 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) File and Directory Information Exposure |
|---|
| 설명 | A remote path traversal vulnerability in Tsinghua Unigroup Electronic Archives System 3.2.210802 (62532) allows unauthenticated attackers to retrieve arbitrary files from the underlying server via manipulation of the path parameter in the /System/Cms/downLoad interface. Exploitation of this vulnerability allows attackers to read arbitrary files on the server, which may expose sensitive configuration files, credentials, or other confidential information. |
|---|
| 원천 | ⚠️ https://github.com/luoye197-prog/cve-ziguang-filereadnew |
|---|
| 사용자 | lanmeik (UID 95270) |
|---|
| 제출 | 2026. 02. 23. AM 10:29 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 07. PM 01:17 (12 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 349662 [Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) /System/Cms/downLoad path 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|