Filtered by vendor Zkea
Subscriptions
Filtered by product Zkeacms
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29362 | 1 Zkea | 1 Zkeacms | 2025-08-14 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter. | ||||
| CVE-2025-52239 | 2 Zkea, Zkeacms | 2 Zkeacms, Zkeacms | 2025-08-14 | 9.8 Critical |
| An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2020-20670 | 1 Zkea | 1 Zkeacms | 2024-11-21 | 8.8 High |
| An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file. | ||||
Page 1 of 1.