Description
A vulnerability was detected in xiweicheng TMS up to 2.28.0. Affected by this issue is the function Upload of the file src/main/java/com/lhjz/portal/controller/FileController.java. The manipulation of the argument filename results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be used.
Published: 2026-01-17
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unrestricted file upload allows remote content placement
Action: Apply Patch
AI Analysis

Impact

The upload endpoint in xiweicheng TMS is vulnerable to unrestricted file uploads because the filename argument is not adequately validated. An attacker can submit a crafted filename together with an arbitrary payload, and the server stores the file without restricting its type or size. This flaw is aligned with CWE-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type). If the uploaded file is executable or contains a malicious script, the consequence could be remote code execution, data tampering, or web defacement.

Affected Systems

The vulnerability affects xiweicheng TMS versions up to and including 2.28.0. Users operating any supported release of the TMS product prior to a corrected version are at risk. No specific subcomponents beyond the FileController were identified as affected.

Risk and Exploitability

With a CVSS score of 5.3, the issue is of moderate severity, and the EPSS score of less than 1% indicates a low incidence of exploitation in the wild. The problem is not listed in the CISA KEV catalog. The attack vector is remote: an attacker merely needs to transmit a malicious file to the upload endpoint. Because the system accepts arbitrary filenames and file types, a successful upload could enable later execution or compromise of the web application, so the risk remains significant despite the low EPSS.

Generated by OpenCVE AI on April 18, 2026 at 05:33 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade to a patched version of xiweicheng TMS that includes input validation or limits for file uploads, or apply the vendor's official patch if available.
  • Restrict the upload handler to accept only approved MIME types and file extensions, and enforce size limits on uploaded content.
  • Configure file system permissions so that uploaded files cannot be executed, and isolate the upload directory from the web root.
  • Monitor the upload endpoint for anomalous activity and enforce rate limiting to mitigate abuse.



Advisories

No advisories yet.

History

Sun, 08 Mar 2026 01:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Xiweicheng teamwork Management System
CPEs | | cpe:2.3:a:xiweicheng:teamwork_management_system:*:*:*:*:*:*:*:*
Vendors & Products | | Xiweicheng teamwork Management System

Wed, 21 Jan 2026 17:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 19 Jan 2026 09:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Xiweicheng; Xiweicheng tms
Vendors & Products | | Xiweicheng; Xiweicheng tms

Sat, 17 Jan 2026 19:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in xiweicheng TMS up to 2.28.0. Affected by this issue is the function Upload of the file src/main/java/com/lhjz/portal/controller/FileController.java. The manipulation of the argument filename results in unrestricted upload. The attack may be performed from remote. The exploit is now public and may be used.
Title | | xiweicheng TMS FileController.java upload unrestricted upload
Weaknesses | | CWE-284; CWE-434
References | |
Metrics | | cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
Metrics | | cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics | | cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
Metrics | | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T08:33:50.345Z

Reserved: 2026-01-16T19:09:09.143Z

Link: CVE-2026-1061

Vulnrichment

Updated: 2026-01-21T16:30:58.589Z

NVD

Status: Analyzed

Published: 2026-01-17T19:15:51.140

Modified: 2026-03-08T01:34:33.350

Link: CVE-2026-1061

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T05:45:38Z

Weaknesses