Lucene search
K

45 matches found

RedhatCVE
RedhatCVE
added 2025/11/14 7:59 p.m.6 views

CVE-2022-4984

ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...

8.7CVSS8.1AI score0.0044EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 7:37 p.m.11 views

CVE-2022-4984 ZenTao Biz < 6.5, Max < 3.0, & Open Source Edition 16.5/16.5beta1 SQL Injection via user-login.html

ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...

8.7CVSS0.0044EPSS
Exploits0References6
CVE
CVE
added 2025/11/13 7:37 p.m.22 views

CVE-2022-4984

CVE-2022-4984 affects ZenTao Biz &lt; 6.5, ZenTao Max &lt; 3.0, and ZenTao Open Source Edition

8.7CVSS7.7AI score0.0044EPSS
In wildExploits0References6
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.7 views

PT-2025-46894

ZenTao Biz 6.5, ZenTao Max 3.0, ZenTao Open Source Edition 16.5, and ZenTao Open Source Edition 16.5.beta1 contain an SQL injection vulnerability in the login functionality. The application does not properly validate the account parameter on /zentao/user-login.html before using it in a database...

8.7CVSS8.1AI score0.0044EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/11/13 12:0 a.m.13 views

ZenTao多款产品 安全漏洞

ZenTao Biz and others are a project management software from the Chinese company ZenTao. A security vulnerability exists in several ZenTao products, which stems from insufficient validation of the parameter account in the file /zentao/user-login.html, which could lead to an SQL injection attack...

8.7CVSS7.5AI score0.0044EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-50596

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0036EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-50595

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00286EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49150

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00935EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-50705

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0037EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:37 a.m.6 views

CVE-2024-24202

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file...

9.8CVSS9.6AI score0.01EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:58 a.m.9 views

CVE-2023-46491

ZenTao Biz version 4.1.3 and before has a Cross Site Scripting XSS vulnerability in the Version Library...

6.1CVSS6AI score0.0037EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:57 a.m.8 views

CVE-2023-46375

ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery CSRF...

8.8CVSS6.9AI score0.00286EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:7 a.m.6 views

CVE-2023-46376

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

7.5CVSS6.9AI score0.0036EPSS
Exploits1References1
NVD
NVD
added 2024/02/08 5:15 a.m.18 views

CVE-2024-24202

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file...

9.8CVSS9.6AI score0.01EPSS
Exploits1References1
Prion
Prion
added 2024/02/08 5:15 a.m.14 views

Design/Logic Flaw

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file...

7.5CVSS8.3AI score0.01EPSS
Exploits1References1Affected Software3
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.5 views

Nature Easy Soft Network Technology ZenTao Code Issue Vulnerability

Nature Easy Soft Network Technology ZenTao is China's easy soft Tianchuang network technology Nature Easy Soft Network Technology company's open source project management software. The software includes product management, project management, quality management and document management and other...

9.8CVSS7.7AI score0.01EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/02/08 12:0 a.m.16 views

CVE-2024-24202

An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file...

7.8AI score0.01EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.6 views

PT-2024-20317 · Unknown · Zentao Community Edition +2

Name of the Vulnerable Software and Affected Versions: ZenTao Community Edition versions 18.10 ZenTao Biz versions 8.10 ZenTao Max versions 4.10 Description: An arbitrary file upload issue in the /upgrade/control.php endpoint allows attackers to execute arbitrary code by uploading a crafted .txt...

9.8CVSS7.8AI score0.01EPSS
Exploits1References5
CVE
CVE
added 2024/02/08 12:0 a.m.58 views

CVE-2024-24202

CVE-2024-24202 refers to an arbitrary file upload vulnerability in ZenTao components (Community Edition v18.10, Biz v8.10, Max v4.10) exposed at /upgrade/control.php. The root cause is a crafted .txt file upload that allows remote code execution. Affected products are explicitly ZenTao Community ...

9.8CVSS9.6AI score0.01EPSS
Exploits1References1Affected Software3
NVD
NVD
added 2023/10/27 1:15 a.m.25 views

CVE-2023-46376

Zentao Biz version 8.7 and before is vulnerable to Information Disclosure...

7.5CVSS7.5AI score0.0036EPSS
Exploits1References1
Rows per page
Query Builder