BiZ
by Match Agency
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-3359 | 0.03 | — | 0.01 | Sep 24, 2009 | Multiple cross-site scripting (XSS) vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) important parameter to edit_profile.php and (2) pid parameter to report.php. | |||
| CVE-2024-24202 | 0.00 | — | 0.00 | Feb 8, 2024 | An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file. | |||
| CVE-2023-46375 | 0.00 | — | 0.00 | Oct 27, 2023 | ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF). |
- CVE-2009-3359Sep 24, 2009risk 0.03cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Match Agency BiZ 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) important parameter to edit_profile.php and (2) pid parameter to report.php.
- CVE-2024-24202Feb 8, 2024risk 0.00cvss —epss 0.00
An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.
- CVE-2023-46375Oct 27, 2023risk 0.00cvss —epss 0.00
ZenTao Biz version 4.1.3 and before is vulnerable to Cross Site Request Forgery (CSRF).