8 matches found
EUVD-2025-28393
Malicious code in bioql PyPI...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor=edit=cGhhcjovLy9ldGMvcGFzc3dk=edit of the component Committer. The manipulation of the argument filePath leads to...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114 easysoft zentaopms Editor index.php edit deserialization
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114
The CVE-2025-5114 entry affects easysoft zentaopms 21.5_20250307. According to PT-2025-22798 (and corroborating entries), the vulnerability resides in the Edit function of the Committer component, specifically the endpoint /index.php?m=editor&f=edit&filePath=…&action=edit, where manipulating the ...
PT-2025-22798
Name of the Vulnerable Software and Affected Versions easysoft zentaopms version 21.5 20250307 Description A critical issue has been discovered that affects the Edit function of the component Committer. The issue is related to the manipulation of the filePath argument in the...
Cross-Site Request Forgery (CSRF) in easysoft/zentaopms
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...