4 matches found
ZKTeco ZKTime Web Multiple Vulnerabilities
ZKTeco ZKTime Web is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zkteco:zktimeweb";...
ZKTime Web Software Cross-Site Scripting Vulnerability
ZKTeco ZKTime Web Software is a time and attendance management system from ZKTeco, Inc. A cross-site scripting vulnerability exists in ZKTeco ZKTime Web Software version 2.0.1.12280. An attacker could exploit this vulnerability to elevate privileges to administrator privileges...
ZKTeco ZKTime Web Personnel Advanced Query Department Module Cross-Site Scripting Vulnerability
ZKTeco ZKTime Web is a time and attendance management system from ZKTeco, Inc.The Department module in Personnel Advanced Query is one of the departmental personnel advanced query modules. A cross-site scripting vulnerability exists in the Range field of the Department module in Personnel Advance...
Design/Logic Flaw
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document...