Known Vulnerabilities for products from Easycorp
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Easycorp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46475 json | A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name ... | 5.4 - MEDIUM | 2023-11-02 | 2023-11-09 |
| CVE-2023-44827 json | An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an at... | 8.8 - HIGH | 2023-10-10 | 2023-10-11 |
| CVE-2023-44826 json | Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted ... | 5.4 - MEDIUM | 2023-10-10 | 2023-10-11 |
| CVE-2023-6439 json | Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted ... | 6.1 - MEDIUM | 2023-11-30 | 2023-12-06 |
| CVE-2022-47745 json | ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can complete SQL injection by c... | 8.8 - HIGH | 2023-01-19 | 2023-01-26 |
| CVE-2022-37700 json | Zentao Demo15 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: U... | 7.5 - HIGH | 2022-09-19 | 2023-11-07 |
| CVE-2021-27558 json | A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via vari... | 6.1 - MEDIUM | 2021-08-31 | 2021-09-08 |
| CVE-2021-27557 json | A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update th... | 4.3 - MEDIUM | 2021-08-31 | 2021-09-08 |
| CVE-2021-27556 json | The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setti... | 7.2 - HIGH | 2021-08-31 | 2021-09-03 |
| CVE-2020-28165 json | The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary file upload vulnerability. An attacker can upload arbitr... | 9.8 - CRITICAL | 2021-08-12 | 2021-08-20 |
| CVE-2020-22533 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-04-04 | 2023-04-10 |
| CVE-2020-21268 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-06-20 | 2023-06-27 |
| CVE-2020-7361 json | The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' compone... | 8.8 - HIGH | 2020-08-06 | 2020-08-10 |
Known software with vulnerabilities from Easycorp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Easycorp | Zentao Pro | 8.8.2 |