VYPR

Zentaopms

by Easysoft

CVEs (3)

  • CVE-2025-50857CriFeb 26, 2026
    risk 0.64cvss 9.8epss 0.02

    ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload

  • CVE-2025-5114May 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the…

  • CVE-2023-44826Oct 10, 2023
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script.