PatchSiren

Hangzhou Kuozhi Network Technology Co., Ltd. CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Hangzhou Kuozhi Network Technology Co., Ltd. CVE published 2026-01-22

CVE-2023-7335

CVE-2023-7335 is an arbitrary file read vulnerability in EduSoho versions prior to 22.4.7. A remote, unauthenticated attacker can exploit this vulnerability to read arbitrary files from the server filesystem, including application configuration files that may contain secrets and database credentials. This vulnerability exists in the classroom-course-statistics export functionality. Affected product deploy [truncated]