Tsinghua Unigroup Electronic Archives System prinReport.html sql injection_CVE-2026-2682

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-2682

Source VulDB

Published Feb 18, 2026 at 22:32

Affected Product

Vendor Tsinghua Unigroup

Product Electronic Archives System

Version 3.2.210802(62532)

Affected Versions Tsinghua Unigroup Electronic Archives System 3.2.210802(62532)

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-02-18T22:32:08.536Z",
    "modified": "2026-02-18T22:32:08.536Z",
    "type": "cve",
    "title": "Tsinghua Unigroup Electronic Archives System prinReport.html sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.346473\nhttps://vuldb.com/?ctiid.346473\nhttps://vuldb.com/?submit.753308\nhttps://github.com/luoye197-prog/cve-ziguang-sql/blob/main/introduce\nhttps://github.com/luoye197-prog/cve-ziguang-sql/blob/main/poc.py",
    "id": "CVE-2026-2682",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Tsinghua Unigroup Electronic Archives System 3.2.210802(62532)",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Electronic Archives System",
    "version": "3.2.210802(62532)",
    "vendor": "Tsinghua Unigroup",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}