[VULNERABILITY ALERT] Jin Zhun Information | Police Statistics Database System - Contains 2 Critical Security Vulnerabilities (CVE-2026-1019)(CVE-2026-1021)

• Subject: [VULNERABILITY ALERT] Jin Zhun Information | Police Statistics Database System - Contains 2 Critical Security Vulnerabilities (CVE-2026-1019)(CVE-2026-1021)

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202601-00000017
  • [Jin Zhun Information | Police Statistics Database System - Missing Authentication] (CVE-2026-1019, CVSS: 9.8) The Police Statistics Database System contains a Missing Authentication vulnerability. An unauthenticated remote attacker can exploit specific functions to read, modify, and delete database content.
  • [Jin Zhun Information | Police Statistics Database System - Arbitrary File Upload] (CVE-2026-1021, CVSS: 9.8) The Police Statistics Database System contains an Arbitrary File Upload vulnerability. An unauthenticated remote attacker can upload and execute web backdoors, thereby executing arbitrary code on the server side.
• Affected Platforms:
  • Police Statistics Database System version 1.0.2 (inclusive) and earlier
• Recommended Actions:
  • Update to version 1.0.3 (inclusive) or later
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-132-10637-3e4b3-1.html

Computer and Communication Center
Network Systems Division, Respectfully