| Название | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) File and Directory Information Exposure |
|---|
| Описание | A remote path traversal vulnerability in Tsinghua Unigroup Electronic Archives System 3.2.210802 (62532) allows unauthenticated attackers to retrieve arbitrary files from the underlying server via manipulation of the path parameter in the /System/Cms/downLoad interface. Exploitation of this vulnerability allows attackers to read arbitrary files on the server, which may expose sensitive configuration files, credentials, or other confidential information. |
|---|
| Источник | ⚠️ https://github.com/luoye197-prog/cve-ziguang-filereadnew |
|---|
| Пользователь | lanmeik (UID 95270) |
|---|
| Представление | 23.02.2026 10:29 (2 месяцы назад) |
|---|
| Модерация | 07.03.2026 13:17 (12 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 349662 [Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) /System/Cms/downLoad path обход каталога] |
|---|
| Баллы | 20 |
|---|