Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
easycorp zentao vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-44827
An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an malicious user to execute arbitrary code via a crafted script to the Office Conversion Settings function.
Easycorp Zentao Max
Easycorp Zentao Biz
Easycorp Zentao
NA
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote malicious user to execute arbitrary code via the lastComment parameter.
Easycorp Zentao 11.6.4
NA
CVE-2020-22533
Cross Site Scripting vulnerability found in Zentao allows a remote malicious user to execute arbitrary code via the lang parameter
Easycorp Zentao
NA
CVE-2022-47745
ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by constructing a special request and sending it to function importNotice.
Easycorp Zentao 18.0
Easycorp Zentao
1 Github repository
NA
CVE-2022-37700
Zentao Demo15 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: URL : view-source:https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig.
Easycorp Zentao 15.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2