Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2025-52239
- EPSS 0.09%
- Published 04.08.2025 00:00:00
- Last modified 14.08.2025 16:10:59
An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.
5.4
CVE-2022-29362
- EPSS 0.18%
- Published 25.05.2022 01:15:07
- Last modified 14.08.2025 16:13:05
A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter.
8.8
CVE-2020-20670
- EPSS 0.71%
- Published 13.09.2021 22:15:07
- Last modified 21.11.2024 05:12:12
An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file.
1