CVE-2024-13042 – Tsinghua Unigroup Electronic Archives Management System File Path Information Disclosure

12月 30, 2024
10:16 pm

CVE ID : CVE-2024-13042

Published : Dec. 30, 2024, 9:15 p.m. | 1 hour, 1 minute ago

Description : A vulnerability was found in Tsinghua Unigroup Electronic Archives Management System 3.2.210802(62532). It has been classified as problematic. Affected is the function download of the file SubjectController.class.php. The manipulation of the argument path leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-13042 – Tsinghua Unigroup Electronic Archives Management System File Path Information Disclosure

Elvescore.io

Recent Posts

CVE-2024-48197 – Audiocodes MP-202b Cross Site Scripting Privilege Escalation

CVE-2024-56199 – phpMyFAQ HTML Injection Vulnerability

CVE-2025-0173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE-2024-11716 – CTFd Team Bracket Reassignment Vulnerability ( Privilege Escalation )

CVE-2024-11717 – CTFd TokenForgeable Authentication

CVE-2022-45811 – WeyHan Ng Post Teaser Missing Authorization

CVE-2024-13042 – Tsinghua Unigroup Electronic Archives Management System File Path Information Disclosure

CVE-2024-13042 – Tsinghua Unigroup Electronic Archives Management System File Path Information Disclosure