CVE-2025-0226 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html download path information disclosure

Posted by Angelo Barbosa | Jan 4, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this issue is the function download of the file /collect/PortV4/downLoad.html. The manipulation of the argument path leads to information disclosure.

This vulnerability is handled as CVE-2025-0226. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-0226 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html download path information disclosure

Related Posts

CVE-2023-41127 | Evergreen Content Poster Auto Post and Schedule Your Best Content to Social Media Plugin cross site scripting

CVE-2024-4151 | lunary-ai lunary up to 1.2.2 PATCH Request access control

CVE-2024-47030 | Google Android ACPM information disclosure

CVE-2024-41858 | Adobe InCopy up to 19.4 integer overflow (apsb24-64)