Filtered by vendor Zkeacms
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10471 | 1 Zkeacms | 1 Zkeacms | 2025-09-17 | 6.3 Medium |
| A vulnerability was detected in ZKEACMS 4.3. Impacted is the function Proxy of the file src/ZKEACMS/Controllers/MediaController.cs. Performing manipulation of the argument url results in server-side request forgery. It is possible to initiate the attack remotely. The exploit is now public and may be used. | ||||
| CVE-2025-52239 | 2 Zkea, Zkeacms | 2 Zkeacms, Zkeacms | 2025-08-14 | 9.8 Critical |
| An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. | ||||
Page 1 of 1.