2 matches found
CVE-2025-15128 ZKTeco BioTime Endpoint safe_setting credentials storage
A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safesetting/ of the component Endpoint. Performing a manipulation of the argument backupencryptionpassworddecrypt/exportencryptionpassworddecrypt results in unprotected storage o...
PT-2022-24574 · Zkteco · Zkteco Biotime
Name of the Vulnerable Software and Affected Versions: Zkteco BioTime versions prior to 8.5.3 Build:20200816.447 Description: The issue allows an employee to hijack an administrator session and cookies using blind cross-site scripting. Recommendations: For versions prior to 8.5.3...