Lucene search

Zkbio Cvsecurity Security Vulnerabilities

cve

CVE-2024-1706

A vulnerability, which was classified as problematic, has been found in ZKTeco ZKBio Access IVS up to 3.3.2. Affected by this issue is some unknown functionality of the component Department Name Search Bar. The manipulation with the input <marquee>hi leads to cross site scripting. The attack ...

3.5CVSS

3.9AI Score

0.0004EPSS

2024-02-21 06:15 PM

cve

CVE-2024-2318

A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbio_media.sql...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-03-08 01:15 PM

cve

CVE-2024-35428

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.

7.1CVSS

6.5AI Score

2024-05-30 05:15 PM

cve

CVE-2024-35429

ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord.

6.5CVSS

6.8AI Score

2024-05-30 05:15 PM