Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
easycorp zentao vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-27558
A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote malicious users to execute arbitrary web script via various areas such as data-link-creator.
Easycorp Zentao 12.5.3
4.3
CVSSv2
CVE-2021-27557
A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows malicious users to update the fields of a Cron job.
Easycorp Zentao 12.5.3
NA
CVE-2023-46475
A Stored Cross-Site Scripting vulnerability exists in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code.
Easycorp Zentao 18.3
1 Github repository
NA
CVE-2023-44826
Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local malicious user to obtain sensitive information via a crafted script.
Easycorp Zentao 18.6
1 Github repository
9
CVSSv2
CVE-2021-27556
The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.
Easycorp Zentao 12.5.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2