29 matches found
EUVD-2025-208123
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...
CVE-2025-50857
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...
PT-2026-22159
Name of the Vulnerable Software and Affected Versions ZenTaoPMS versions 18.11 through 21.6.beta Description ZenTaoPMS versions 18.11 through 21.6.beta contain a Directory Traversal flaw in the /module/ai/control.php file. This allows attackers to execute arbitrary code by uploading a specially...
CVE-2025-50857
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...
zentaopms 安全漏洞
Zentaopms is an open-source Scrum project management system developed by EasySoft. There are security vulnerabilities in the ZenTaoPMS version from 18.11 to 21.6.beta. These vulnerabilities stem from directory traversal in the /module/ai/control.php module, which could allow arbitrary code to be...
CVE-2025-50857
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload...
CVE-2025-50857
ZenTaoPMS versions 18.11 through 21.6.beta are affected by a Directory Traversal vulnerability in /module/ai/control.php that allows arbitrary code execution via a crafted file upload. The root cause is a directory traversal flaw in the file-upload handling, enabling an attacker to place or execu...
EUVD-2025-28393
Malicious code in bioql PyPI...
EUVD-2023-49149
Malicious code in bioql PyPI...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor=edit=cGhhcjovLy9ldGMvcGFzc3dk=edit of the component Committer. The manipulation of the argument filePath leads to...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114
The CVE-2025-5114 entry affects easysoft zentaopms 21.5_20250307. According to PT-2025-22798 (and corroborating entries), the vulnerability resides in the Edit function of the Committer component, specifically the endpoint /index.php?m=editor&f=edit&filePath=…&action=edit, where manipulating the ...
CVE-2025-5114 easysoft zentaopms Editor index.php edit deserialization
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2025-5114 easysoft zentaopms Editor index.php edit deserialization
A vulnerability has been found in easysoft zentaopms 21.520250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the argument filePath lea...
CVE-2023-44826
Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script...
PT-2025-22798
Name of the Vulnerable Software and Affected Versions easysoft zentaopms version 21.5 20250307 Description A critical issue has been discovered that affects the Edit function of the component Committer. The issue is related to the manipulation of the filePath argument in the...
zentaopms 代码问题漏洞
zentaopms is EasySoft open source an agile scrum project management system u200b. A code issue vulnerability exists in zentaopms version 21.520250307, which stems from a misbehavior of the parameter filePath in file/index.php leading to deserialization...
CVE-2023-44826
Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script...
CVE-2023-44826
Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script...