CVE-2026-3719 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) /System/Cms/downLoad path path traversal

Inserito da Angelo Barbosa | Mar 7, 2026 | CVE

A vulnerability marked as critical has been reported in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal.

This vulnerability is documented as CVE-2026-3719. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-3719 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) /System/Cms/downLoad path path traversal

Post correlati

CVE-2024-54230 | WPRealizer Unlock Addons for Elementor Plugin up to 1.0.0 on WordPress cross site scripting

CVE-2024-38384 | Linux Kernel up to 6.6.32/6.9.3 blk-cgroup __blkcg_rstat_flush memory corruption (714e59b5456e/785298ab6b80/d0aac2363549)

CVE-2024-7290 | SourceCodester Establishment Billing Management System 1.0 /manage_tenant.php id sql injection

CVE-2024-28734 | Coda Unit4 Financials 2024Q1 cols cross site scripting