Shodan
Vulnerabilities
Vulnerable Software
Tribalsystems:  >> Zenario  Security Vulnerabilities
CVE-2024-45960
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
CVSS Score
4.8
EPSS Score
0.0
Published
2024-10-02
CVE-2024-45964
Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field.
CVSS Score
4.8
EPSS Score
0.0
Published
2024-10-02
CVE-2023-44769
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Spare aliases from Alias.
CVSS Score
5.4
EPSS Score
0.008
Published
2023-10-25
CVE-2023-44770
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-10-06
CVE-2023-44771
A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows a local attacker to execute arbitrary code via a crafted script to the Page Layout.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-10-06
CVE-2023-39578
A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field.
CVSS Score
4.8
EPSS Score
0.011
Published
2023-08-28
CVE-2022-44136
Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE).
CVSS Score
9.8
EPSS Score
0.011
Published
2022-11-30
CVE-2022-4231
A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affects some unknown processing of the component Remember Me Handler. The manipulation leads to session fixiation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214589 was assigned to this vulnerability.
CVSS Score
4.2
EPSS Score
0.001
Published
2022-11-30
CVE-2022-44071
Zenario CMS 9.3.57186 is is vulnerable to Cross Site Scripting (XSS) via profile.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-11-16
CVE-2022-44073
Zenario CMS 9.3.57186 is vulnerable to Cross Site Scripting (XSS) via svg,Users & Contacts.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-11-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved