A vulnerability, which was classified as problematic, has been found in ZKTeco ZKBio Access IVS up to 3.3.2. Affected by this issue is some unknown functionality of the component Department Name Search Bar. The manipulation with the input <marquee>hi leads to cross site scripting. The attack ...
3.5CVSS
3.9AI Score
0.0004EPSS
A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbio_media.sql...
4.3CVSS
4.7AI Score
0.0004EPSS
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.
7.1CVSS
6.5AI Score
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord.
6.5CVSS
6.8AI Score