VYPR
Vendor

Easysoft

Products
4
CVEs
5
Across products
7
Status
Private

Products

4

Recent CVEs

5
  • CVE-2025-50857CriFeb 26, 2026
    risk 0.64cvss 9.8epss 0.02

    ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload

  • CVE-2025-5114May 23, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical. This vulnerability affects the function Edit of the file /index.php?m=editor&f=edit&filePath=cGhhcjovLy9ldGMvcGFzc3dk&action=edit of the component Committer. The manipulation of the…

  • CVE-2023-46475Nov 2, 2023
    risk 0.00cvss epss 0.00

    A Stored Cross-Site Scripting vulnerability was discovered in ZenTao 18.3 where a user can create a project, and in the name field of the project, they can inject malicious JavaScript code.

  • CVE-2023-44827Oct 10, 2023
    risk 0.00cvss epss 0.01

    An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function.

  • CVE-2023-44826Oct 10, 2023
    risk 0.00cvss epss 0.00

    Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script.