127 matches found

VulnCheck KEV
added 2025/05/02 12:0 a.m. · 0 views

VulnCheck KEV: CVE-2023-38951

ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 20240617.19506 allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input sanitization on the...

9.8 CVSS · 5.9 AI score · 0.17576 EPSS
Exploits: 2 · References: 1

NVD
added 2024/07/05 11:15 a.m. · 15 views

CVE-2024-6523

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input alert'XSS' leads to cross site scripting. It is possible to launch the...

5.4 CVSS · 0.0009 EPSS
Exploits: 1 · References: 4

OSV
added 2024/07/05 11:15 a.m. · 2 views

CVE-2024-6523

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input alert'XSS' leads to cross site scripting. It is possible to launch the...

5.4 CVSS · 3.7 AI score
Exploits: 0 · References: 4

Vulnrichment
added 2024/07/05 11:0 a.m. · 12 views

CVE-2024-6523 ZKTeco BioTime system-group-add cross site scripting

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input alert'XSS' leads to cross site scripting. It is possible to launch the...

5.3 CVSS · 6 AI score · 0.0009 EPSS
Exploits: 1 · References: 4

CVE
added 2024/07/05 11:0 a.m. · 54 views

CVE-2024-6523

CVE-2024-6523 affects ZKTeco BioTime (up to 9.5.2). The vulnerability is a cross-site scripting flaw in the system-group-add Handler, triggered by manipulating the user parameter with input like . It can be exploited remotely and the exploit has been disclosed publicly. The root cause is an input...

5.4 CVSS · 3.9 AI score · 0.0009 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

Cvelist
added 2024/07/05 11:0 a.m. · 15 views

CVE-2024-6523 ZKTeco BioTime system-group-add cross site scripting

A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input alert'XSS' leads to cross site scripting. It is possible to launch the...

5.3 CVSS · 0.0009 EPSS
Exploits: 1 · References: 4

CNNVD
added 2024/07/05 12:0 a.m. · 3 views

ZKTeco BioTime Security Breach

ZKTeco BioTime is a powerful web-based time and attendance management software from the Chinese company ZKTeco. A security vulnerability exists in ZKTeco BioTime version 9.5.2 and earlier versions, which is caused by a cross-site scripting vulnerability in the user parameter of system-group-add...

5.4 CVSS · 6 AI score · 0.0009 EPSS
Exploits: 1 · References: 5

OSV
added 2024/04/11 1:22 a.m. · 1 views

CVE-2023-51141

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component...

6.5 CVSS · 5.8 AI score · 0.00233 EPSS
Exploits: 1 · References: 3

NVD
added 2024/04/11 1:22 a.m. · 6 views

CVE-2023-51141

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component...

6.5 CVSS · 6.2 AI score · 0.00233 EPSS
Exploits: 1 · References: 3

ATTACKERKB
added 2024/04/11 1:22 a.m. · 0 views

CVE-2023-51141

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component...

6.5 CVSS · 5.8 AI score · 0.00233 EPSS
Exploits: 1 · References: 4

NVD
added 2024/04/11 1:22 a.m. · 10 views

CVE-2023-51142

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information...

7.5 CVSS · 6.4 AI score · 0.00321 EPSS
Exploits: 1 · References: 4

OSV
added 2024/04/11 1:22 a.m. · 0 views

CVE-2023-51142

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information...

7.5 CVSS · 5.8 AI score
Exploits: 0 · References: 4

CNNVD
added 2024/04/11 12:0 a.m. · 1 views

ZKTeco BioTime Security Vulnerability

Zkteco BioTime is a powerful web-based time and attendance management software from the Chinese company Zkteco. A security vulnerability exists in ZKTeco BioTime v.8.5.4 and prior versions that could allow a remote attacker to gain access to sensitive information via the authentication and...

6.5 CVSS · 6.8 AI score · 0.00233 EPSS
Exploits: 1 · References: 4

CNNVD
added 2024/04/11 12:0 a.m. · 1 views

ZKTeco BioTime Security Vulnerability

Zkteco BioTime is a powerful web-based time and attendance management software from the Chinese company Zkteco. A security vulnerability exists in ZKTeco BioTime v.8.5.4 and prior versions, which originates from an issue that could allow a remote attacker to obtain sensitive information...

7.5 CVSS · 6.5 AI score · 0.00321 EPSS
Exploits: 1 · References: 5

Packet Storm
added 2024/04/01 12:0 a.m. · 2256 views

BioTime Directory Traversal / Remote Code Execution

Tested on 8.5.5 Build:20231103.R1905 Tested on 9.0.1 Build:20240108.18753 BioTime, "time" for shellz! https://claroty.com/team82/disclosure-dashboard/cve-2023-38952...

9.8 CVSS · 7.4 AI score · 0.834 EPSS
Exploits: 3

0day.today
added 2024/04/01 12:0 a.m. · 392 views

BioTime Directory Traversal / Remote Code Execution Exploit

BioTime versions 8.5.5 and 9.0.1 suffer from directory traversal and file write vulnerabilities. This exploit also achieves remote code execution on version 8.5.5. Tested on 8.5.5 Build:20231103.R1905 Tested on...

9.8 CVSS · 8.4 AI score · 0.834 EPSS
Exploits: 3

GithubExploit
added 2024/03/28 8:44 p.m. · 6 views

biotime-rce-8.5.5

Biotime Directory Traversal, Remote Code Execution The exploit...

7.5 AI score
Exploits: 0

Vulnrichment
added 2024/03/21 12:0 a.m. · 13 views

CVE-2023-51142

An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information...

6.7 AI score · 0.00321 EPSS
Exploits: 1 · References: 4

Positive Technologies
added 2024/03/21 12:0 a.m. · 2 views

PT-2024-14056 · Zkteco · Zkteco Biotime

Name of the Vulnerable Software and Affected Versions: ZKTeco BioTime versions 8.5.4 and earlier Description: An issue in the software allows a remote attacker to obtain sensitive information. Recommendations: For ZKTeco BioTime versions 8.5.4 and earlier, update to a version later than 8.5.4 to...

7.5 CVSS · 6.8 AI score · 0.00321 EPSS
Exploits: 1 · References: 7

CVE
added 2024/03/21 12:0 a.m. · 29 views

CVE-2023-51141

Summary: CVE-2023-51141 affects ZKTeco BioTime v8.5.4 and earlier. The issue resides in the Authentication & Authorization component and could allow a remote attacker to obtain sensitive information. Affected software: ZKTeco BioTime 8.5.4 and earlier versions. Impact: Potential exposure of sensi...

6.5 CVSS · 6.4 AI score · 0.00233 EPSS
Exploits: 1 · References: 3 · Affected Software: 1