ZKTeco ZKBioSecurity V5000 4.1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:zkteco:zkbiosecurity_v5000:4.1.0:*:*:*:*:*:*:*
part: a version: 4.1.0 update: *
| Vendor | Zkteco (5c4057c2-8005-57f0-8064-1e33ee4cd690) |
|---|---|
| Product | Zkbiosecurity V5000 (1d9b4b1d-d0b7-54d0-a7c7-7ced93df6b69) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-6344 |
vulnerable | 2026-06-03 14:58:02.674242 |
ZKTeco ZKBio CVSecurity V5000 Push Configuration Section cross site scripting
LOW (2.4)
A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of the argument Configuration Name leads to cross site scripting. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. The vendor explains, that "[s]ince ZKBio CVSecurity v5000 has been withdrawn from the market, we recommend upgrading to ZKBio CVSecurity V6600 6.1.3_R or above". This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2024-06-26T10:31:03.685Z
Updated: 2025-07-10T07:02:31.856Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6006 |
vulnerable | 2026-06-03 14:57:55.019049 |
ZKTeco ZKBio CVSecurity V5000 Summer Schedule cross site scripting
LOW (3.5)
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The manipulation of the argument Schedule Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor explains, "that ZKBio Security V5000 has been withdrawn from the market and [is] recommended for upgrading to the ZKBio CVSecurity latest version." This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2024-06-15T11:31:03.182Z
Updated: 2025-07-17T06:04:12.109Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6005 |
vulnerable | 2026-06-03 14:57:55.018371 |
ZKTeco ZKBio CVSecurity V5000 Department Section cross site scripting
LOW (3.5)
A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Department Section. The manipulation of the argument Department Name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor explains, "that ZKBio Security V5000 has been withdrawn from the market and [is] recommended for upgrading to the ZKBio CVSecurity latest version." This vulnerability only affects products that are no longer supported by the maintainer.
Published: 2024-06-15T09:31:03.062Z
Updated: 2025-07-17T06:04:10.334Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.