Primary

Context

Jhenggao iPublish System Arbitrary File Reading Vulnerability

Vulnerability

An arbitrary file reading vulnerability has been identified in the iPublish System developed by Jhenggao. This vulnerability allows unauthenticated remote attackers to read arbitrary system files. The issue arises from a path traversal flaw that can be exploited to access restricted files on the server.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive system files, potentially allowing attackers to read confidential information or application data.

Remediation

For institutions using the iPublish System on-premises, it is recommended to contact the vendor to check for updates. Alternatively, consider disabling external access and restricting use to within the campus.

Added: Jul 8, 2025, 2:17 AM

Updated: Jul 8, 2025, 2:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.3

exploitability

7.4

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Jhenggao iPublish System Arbitrary File Reading Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating