Browse all 8 CVE security advisories affecting zealopensource. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zealopensource develops open-source software primarily used for web application development and API management. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with eight CVEs documented to date. While no major security incidents have been widely reported, the consistent pattern of vulnerabilities in their core functionality suggests potential risks for organizations relying on their tools. Their codebase often contains insufficient input validation and access controls, which could lead to unauthorized system compromise. Users are advised to maintain current patch levels and implement additional security controls when deploying Zealopensource solutions in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-6316 | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Upload — Generate PDF using Contact Form 7CWE-352 | 8.8 | High | 2024-07-09 |
| CVE-2024-6317 | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion — Generate PDF using Contact Form 7CWE-352 | 8.8 | High | 2024-07-09 |
This page lists every published CVE security advisory associated with zealopensource. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.