CVE-2026-2683 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html path path traversal

Inserito da Angelo Barbosa | Feb 18, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal.

This vulnerability was named CVE-2026-2683. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2683 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html path path traversal

Post correlati

CVE-2024-32550 | BMI Adult & Kid Calculator Plugin up to 1.2.1 on WordPress cross-site request forgery

CVE-2024-12490 | code-projects Online Class and Exam Scheduling System 1.0 /pages/teacher_save.php salut sql injection

CVE-2025-7390 | Softing Industrial Automation OPC UA C++ SDK/edgeConnector/edgeAggregator certificate validation

CVE-2024-10627 | WooCommerce Support Ticket System Plugin up to 17.7 on WordPress unrestricted upload