Lucene search
+L

23 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.7 views

CVE-2021-27556

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers who have admin access to execute arbitrary code by setting the type parameter to System...

9CVSS8AI score0.04009EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-14309

Malware in sbrugna...

6.1CVSS6.3AI score0.00838EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-20651

Malware in sbrugna...

9.8CVSS9AI score0.01087EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:28 p.m.8 views

CVE-2021-27557

A cross-site request forgery CSRF vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job...

4.3CVSS6.9AI score0.0036EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 p.m.9 views

CVE-2021-27558

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

6.1CVSS6.4AI score0.00838EPSS
Exploits1References1
NVD
NVD
added 2021/08/31 3:15 a.m.18 views

CVE-2021-27558

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

6.1CVSS0.00838EPSS
Exploits1References1
NVD
NVD
added 2021/08/31 3:15 a.m.23 views

CVE-2021-27556

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers who have admin access to execute arbitrary code by setting the type parameter to System...

9CVSS0.04009EPSS
Exploits1References1
NVD
NVD
added 2021/08/31 3:15 a.m.23 views

CVE-2021-27557

A cross-site request forgery CSRF vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job...

4.3CVSS0.0036EPSS
Exploits1References1
OSV
OSV
added 2021/08/31 3:15 a.m.14 views

CVE-2021-27558

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

6.1CVSS6.3AI score
Exploits0References1
OSV
OSV
added 2021/08/31 3:15 a.m.18 views

CVE-2021-27557

A cross-site request forgery CSRF vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job...

4.3CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2021/08/31 3:15 a.m.13 views

Code injection

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers who have admin access to execute arbitrary code by setting the type parameter to System...

9CVSS7.4AI score0.04009EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/08/31 3:15 a.m.12 views

Cross site scripting

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

4.3CVSS6.2AI score0.00838EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/31 2:44 a.m.22 views

CVE-2021-27558

A cross site scripting XSS issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator...

6.4AI score0.00838EPSS
Exploits1References1
CVE
CVE
added 2021/08/31 2:44 a.m.51 views

CVE-2021-27558

ZenTao (EasyCorp) 12.5.3 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to run arbitrary web scripts via multiple areas, including data-link-creator. The root cause is not explicitly detailed in the provided documents beyond the XSS vector; affected compone...

6.1CVSS6.2AI score0.00838EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/31 2:41 a.m.47 views

CVE-2021-27557

The CVE-2021-27557 entry describes a CSRF vulnerability in the Cron job tab of EasyCorp ZenTao 12.5.3, allowing an attacker to update fields of a Cron job. The issue is confirmed across multiple sources (NVD, Red Hat, OSV) as a CSRF flaw in ZenTao 12.5.3. The root cause is cross-site request forg...

4.3CVSS4.6AI score0.0036EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/31 2:41 a.m.25 views

CVE-2021-27557

A cross-site request forgery CSRF vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job...

5AI score0.0036EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/08/31 2:38 a.m.26 views

CVE-2021-27556

The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers who have admin access to execute arbitrary code by setting the type parameter to System...

7.6AI score0.04009EPSS
Exploits1References1
CVE
CVE
added 2021/08/31 2:38 a.m.46 views

CVE-2021-27556

CVE-2021-27556 concerns EasyCorp ZenTao 12.5.3, where the Cron job tab can be abused by an admin to set the type parameter to System and execute arbitrary code. The underlying issue is a parameter handling flaw in the Cron tab that enables remote code execution. Documents consistently describe co...

9CVSS7.3AI score0.04009EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2021/08/12 12:15 p.m.23 views

CVE-2020-28165

The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage function...

9.8CVSS0.01087EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/12 11:1 a.m.26 views

CVE-2020-28165

The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitrary webshell to the server by using the downloadZipPackage function...

9.6AI score0.01087EPSS
Exploits0References1
Rows per page
Query Builder