Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zkteco vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36634
An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows malicious users to arbitrarily create admin users via a crafted HTTP request.
Zkteco Zkbiosecurity V5000 3.0.5.0 R
NA
CVE-2022-36635
ZKteco ZKBioSecurity V5000 4.1.3 exists to contain a SQL injection vulnerability via the component /baseOpLog.do.
Zkteco Zkbiosecurity V5000 4.1.3
505
VMScore
CVE-2017-14680
ZKTeco ZKTime Web 2.0.1.12280 allows remote malicious users to obtain sensitive employee metadata via a direct request for a PDF document.
Zkteco Zktime Web 2.0.1.12280
1 EDB exploit
NA
CVE-2022-44213
ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).
Zkteco Automatic Data Master Server
NA
CVE-2023-48050
SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 up to and including 16.0.1 allows a remote malicious user to execute arbitrary code and to gain privileges via the db paramet...
Camsbiometrics Zkteco\\, Essl\\, Cams Biometrics Integration Module
Odoo Biometric Attendance
NA
CVE-2023-51142
An issue in ZKTeco BioTime v.8.5.4 and before allows a remote malicious user to obtain sensitive information.
NA
CVE-2024-22988
An issue in zkteco zkbio WDMS v.8.0.5 allows an malicious user to execute arbitrary code via the /files/backup/ component.
NA
CVE-2022-40472
ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 exists to contain a CSV injection vulnerability. This vulnerability allows malicious users to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message modul...
Zktec Zkbio Time 8.0.7
NA
CVE-2024-1706
A vulnerability, which was classified as problematic, has been found in ZKTeco ZKBio Access IVS up to 3.3.2. Affected by this issue is some unknown functionality of the component Department Name Search Bar. The manipulation with the input <marquee>hi leads to cross site scr...
NA
CVE-2024-2318
A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../.....
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3