4 matches found
CVE-2024-6344
The CVE-2024-6344 issue affects ZKTeco ZKBio CVSecurity V5000, version 4.1.0, in the Push Configuration Section where modifying the Configuration Name enables cross-site scripting. Attacks are described as remotely initiable. Remediation per sources is to upgrade to ZKBio CVSecurity V6600 6.1.3_R...
PT-2024-37554 · Zkteco · Zkbio Cvsecurity V5000
Name of the Vulnerable Software and Affected Versions: ZKTeco ZKBio CVSecurity V5000 version 4.1.0 Description: A problematic issue was found in the Push Configuration Section component. The manipulation of the Configuration Name argument leads to cross-site scripting. It is possible to initiate...
CVE-2024-6006
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The attack may be launch...
CVE-2024-6006 ZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scripting
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The attack may be launch...