CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure

1月 5, 2025
7:16 pm

CVE ID : CVE-2025-0226

Published : Jan. 5, 2025, 6:15 p.m. | 1 hour, 1 minute ago

Description : A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this issue is the function download of the file /collect/PortV4/downLoad.html. The manipulation of the argument path leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure

Elvescore.io

Recent Posts

CVE-2024-10866 – WordPress Export Import Menus Capability Check Bypass Vulnerability

CVE-2024-11625 – Progress Software Corporation Sitefinity Information Exposure Through Error Message

CVE-2024-11626 – Progress Sitefinity Sitefinity Cross-site Scripting (XSS) Vulnerability

CVE-2024-11627 – Progress Sitefinity Session Fixation Vulnerability

CVE-2024-12077 – Booking Calendar and Booking Calendar Pro Cross-Site Scripting Vulnerability

CVE-2024-12202 – Croma Music Plugin for WordPress Privilege Escalation

CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure

CVE-2025-0226 – Tsinghua Unigroup Electronic Archives System File Download Path Information Disclosure