5 matches found
CVE-2025-10764
CVE-2025-10764 affects SeriaWei ZKEACMS up to 4.3, specifically the Edit function in Event Action System at src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs. The vulnerability stems from manipulation of the Data argument, enabling server-side request forgery (SSRF) from remote attacke...
CVE-2025-10764 SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery
A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may b...
CVE-2025-10764 SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery
A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may b...
CVE-2024-46240
Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file...
Collabtive 跨站脚本漏洞
Collabtive is a web-based project management system. The system includes features such as project management, document management and time tracking. A security vulnerability exists in Collabtive version 3.1, which originates from a cross-site scripting attack via the name parameter when...