Unigroup Electronic Archives System vulnerabilities
4 known vulnerabilities affecting unigroup/electronic_archives_system.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-2684P2CRITICALCVSS 9.8≤ 3.2.210802\(62532\)2026-02-19
CVE-2026-2684 [CRITICAL] CWE-284 CVE-2026-2684: A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(6253
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly discl
nvd
CVE-2026-2682P2CRITICALCVSS 9.8≤ 3.2.210802\(62532\)2026-02-18
CVE-2026-2682 [CRITICAL] CWE-74 CVE-2026-2682: A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(6253
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be
nvd
CVE-2026-2672P3MEDIUMCVSS 5.3≤ 3.2.210802\(62532\)2026-02-18
CVE-2026-2672 [MEDIUM] CWE-22 CVE-2026-2672: A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is the function Download of the file /Search/Subject/downLoad. Performing a manipulation of the argument path results in path traversal. The attack is possible to be carried out remotely. The exploit has been released to
nvd
CVE-2026-2683P4MEDIUMCVSS 4.3≤ 3.2.210802\(62532\)2026-02-18
CVE-2026-2683 [MEDIUM] CWE-22 CVE-2026-2683: A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The aff
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipulation of the argument path results in path traversal. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor
nvd