Vulnerabilities > Easycorp > Zentao > 18.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-08 CVE-2024-24216 Command Injection vulnerability in Easycorp Zentao
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via the checkConnection method of /app/zentao/module/repo/model.php.
network
low complexity
easycorp CWE-77
critical
 9.8
9.8
2023-01-19 CVE-2022-47745 SQL Injection vulnerability in Easycorp Zentao
ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection.
network
low complexity
easycorp CWE-89
8.8
8.8