Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2025/10/06 3:17 p.m.12 views

CVE-2025-11272

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/04 9:30 p.m.7 views

EUVD-2025-32435

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS6AI score0.00262EPSS
Exploits0References6
NVD
NVD
added 2025/10/04 8:15 p.m.6 views

CVE-2025-11272

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS0.00262EPSS
Exploits0References5
CVE
CVE
added 2025/10/04 8:2 p.m.11 views

CVE-2025-11272

CVE-2025-11272 affects SeriaWei ZKEACMS up to version 4.3. The issue resides in the Delete function of src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs (POST Request Handler) and results in improper authorization with remote exploitation possible. Public exploit details have been d...

5.5CVSS5.4AI score0.00262EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/04 8:2 p.m.10 views

CVE-2025-11272 SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS0.00262EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/04 8:2 p.m.3 views

CVE-2025-11272 SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization

A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is...

5.5CVSS6.2AI score0.00262EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/10/04 12:0 a.m.4 views

PT-2025-40780

Name of the Vulnerable Software and Affected Versions SeriaWei ZKEACMS versions up to 4.3 Description A flaw exists in the Delete function within the src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs file of the POST Request Handler component. This issue results in improper...

5.5CVSS5AI score0.00262EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-30376

Malicious code in bioql PyPI...

5.8CVSS5AI score0.00356EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30374

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00411EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/23 7:23 a.m.4 views

CVE-2025-10766

A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...

5.3CVSS6.6AI score0.00507EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/23 6:36 a.m.19 views

CVE-2025-10764

A vulnerability was identified in SeriaWei ZKEACMS up to 4.3. This affects the function Edit of the file src/ZKEACMS.EventAction/Controllers/PendingTaskController.cs of the component Event Action System. Such manipulation of the argument Data leads to server-side request forgery. The attack may b...

6.5CVSS6.5AI score0.00411EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/23 6:36 a.m.16 views

CVE-2025-10765

A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...

5.8CVSS6.6AI score0.00356EPSS
Exploits1References1
OSV
OSV
added 2025/09/21 7:15 a.m.6 views

CVE-2025-10766

A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...

5.3CVSS6.8AI score
Exploits0References4
NVD
NVD
added 2025/09/21 7:15 a.m.4 views

CVE-2025-10765

A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...

7.2CVSS0.00356EPSS
Exploits1References4
OSV
OSV
added 2025/09/21 7:15 a.m.3 views

CVE-2025-10765

A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...

7.2CVSS6.8AI score
Exploits0References4
Cvelist
Cvelist
added 2025/09/21 7:2 a.m.10 views

CVE-2025-10766 SeriaWei ZKEACMS EventViewerController.cs Download path traversal

A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...

5.3CVSS0.00507EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/21 7:2 a.m.3 views

CVE-2025-10766 SeriaWei ZKEACMS EventViewerController.cs Download path traversal

A weakness has been identified in SeriaWei ZKEACMS up to 4.3. This issue affects the function Download of the file EventViewerController.cs. Executing manipulation of the argument ID can lead to path traversal. It is possible to launch the attack remotely. The exploit has been made available to t...

5.3CVSS6.4AI score0.00507EPSS
Exploits0References4
CVE
CVE
added 2025/09/21 7:2 a.m.13 views

CVE-2025-10766

CVE-2025-10766 affects SeriaWei ZKEACMS (≤4.3) and relates to path traversal via the Download function in EventViewerController.cs. The root cause is manipulation of the ID argument, enabling remote exploitation. Public PoC/exploit material has circulated; multiple sources flag remote, low-comple...

5.3CVSS4.7AI score0.00507EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2025/09/21 6:32 a.m.12 views

CVE-2025-10765

The CVE-2025-10765 entry concerns SeriaWei ZKEACMS up to version 4.3. The vulnerability resides in the SEOSuggestions component, specifically the CheckPage/Suggestions function within cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll, where manipulated input can trigger a...

7.2CVSS4.9AI score0.00356EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/21 6:32 a.m.4 views

CVE-2025-10765 SeriaWei ZKEACMS SEOSuggestions ZKEACMS.SEOSuggestions.dll server-side request forgery

A security flaw has been discovered in SeriaWei ZKEACMS up to 4.3. This vulnerability affects the function CheckPage/Suggestions in the library cms-v4.3\wwwroot\Plugins\ZKEACMS.SEOSuggestions\ZKEACMS.SEOSuggestions.dll of the component SEOSuggestions. Performing manipulation results in server-sid...

5.8CVSS6.4AI score0.00356EPSS
Exploits1References4
Rows per page
Query Builder