Vulnerabilities > Zkteco > Biotime > 8.5.4

DATE CVE VULNERABILITY TITLE RISK
2024-07-05 CVE-2024-6523 Cross-site Scripting vulnerability in Zkteco Biotime 8.5.3/8.5.4/8.5.5
A vulnerability was found in ZKTeco BioTime up to 9.5.2.
network
low complexity
zkteco CWE-79
5.4
5.4
2022-11-08 CVE-2022-30515 Missing Authentication for Critical Function vulnerability in Zkteco Biotime 8.5.4/8.5.5
ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an attacker to view them through filename enumeration.
network
low complexity
zkteco CWE-306
5.3
5.3