Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29362 | 1 Zkea | 1 Zkeacms | 2025-08-14 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /navigation/create?ParentID=%23 of ZKEACMS v3.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ParentID parameter. | |||||
| CVE-2025-52239 | 1 Zkea | 1 Zkeacms | 2025-08-14 | N/A | 9.8 CRITICAL |
| An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. | |||||
| CVE-2020-20670 | 1 Zkea | 1 Zkeacms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An arbitrary file upload vulnerability in /admin/media/upload of ZKEACMS V3.2.0 allows attackers to execute arbitrary code via a crafted HTML file. | |||||