{"vulnerability": "cve-2024-13042", "sightings": [{"uuid": "9d79a2a9-f2f6-473c-a338-fc6dcdfd90a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13042", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113743813918791710", "content": "", "creation_timestamp": "2024-12-30T21:07:44.271081Z"}, {"uuid": "c08f9a52-cf1a-4d82-a76a-ca991263b756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-13042", "type": "seen", "source": "https://t.me/cvedetector/13959", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13042 - Tsinghua Unigroup Electronic Archives Management System File Path Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-13042 \nPublished : Dec. 30, 2024, 9:15 p.m. | 20\u00a0minutes ago \nDescription : A vulnerability was found in Tsinghua Unigroup Electronic Archives Management System 3.2.210802(62532). It has been classified as problematic. Affected is the function download of the file SubjectController.class.php. The manipulation of the argument path leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T22:39:17.000000Z"}]}