The vulnerability of the AuUploader component in the ZK Framework, a web application development framework, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the AuUploader component in the ZK Framework for web application development is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a...

ZK Framework AuUploader Unspecified Vulnerability

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to...

VulnCheck KEV: CVE-2022-36537

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to...

ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST

ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

CVE-2022-36537

ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

Design/Logic Flaw

ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...

CVE-2022-36537

ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader. Recent assessments: ccondon-r7 at March 01, 2023 6:39pm UTC reported: The core vuln here is an info leak in ZK Framework, which ...

ZK 安全漏洞

ZK is a highly productive open source Java framework from ZK for building amazing enterprise web and mobile applications. A security vulnerability exists in ZK Framework versions v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1. An attacker could use this vulnerability to access sensitive informati...

PT-2022-6454 · Unknown · Zk Framework

Name of the Vulnerable Software and Affected Versions: ZK Framework versions 8.6.4.1, 9.0.1.2, 9.5.1.3, 9.6.0.1, 9.6.1 Description: The issue is related to the AuUploader component of the ZK Framework, which allows attackers to access sensitive information via a crafted POST request. This can...