Zkea CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Zkea Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-29362	1 Zkea	1 Zkeacms	2025-08-14	5.4 Medium
A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter.
CVE-2025-52239	2 Zkea, Zkeacms	2 Zkeacms, Zkeacms	2025-08-14	9.8 Critical
An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.
CVE-2020-20670	1 Zkea	1 Zkeacms	2024-11-21	8.8 High
An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file.

Page 1 of 1.