Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

ZenTao SQL Injection Vulnerability in Login Functionality

Vulnerability

A SQL injection vulnerability has been identified in ZenTao Biz versions prior to 6.5, ZenTao Max versions prior to 3.0, and ZenTao Open Source Edition versions prior to 16.5 and 16.5.beta1. The vulnerability arises because the application fails to properly validate the account parameter on the login page before using it in a database query. This allows remote, unauthenticated attackers to execute crafted SQL expressions and retrieve sensitive information from the backend database, including user and application data. Exploitation evidence was observed by the Shadowserver Foundation on February 7, 2025.
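
The pattern the advisory describes, shown as an added illustration that is not ZenTao's code: a login lookup that interpolates the account value into the SQL text, beside a parameterized lookup and an allowlist check. The table, sample accounts and the account-name rule are constructed assumptions, not ZenTao's real schema or validation policy.

```python
import re
import sqlite3

# Constructed sample data; not ZenTao's schema or real accounts.
SAMPLE_USERS = [("admin", "hash-of-admin-pw"), ("alice", "hash-of-alice-pw")]

# Assumed allowlist for account names (not taken from ZenTao): letters,
# digits, underscore, dot and dash, 1 to 30 characters.
ACCOUNT_RE = re.compile(r"^[A-Za-z0-9_.-]{1,30}$")


def _connect():
    """Build an in-memory SQLite table with the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (account TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO user VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_vulnerable(account):
    """The flawed pattern: the account string becomes part of the SQL text,
    so quote characters in it change the query's meaning."""
    conn = _connect()
    sql = "SELECT account FROM user WHERE account = '%s'" % account
    return [row[0] for row in conn.execute(sql)]


def lookup_hardened(account):
    """Bound parameter: the account value is data, never SQL, whatever it
    contains. The input validation below is defence in depth on top of this."""
    conn = _connect()
    sql = "SELECT account FROM user WHERE account = ?"
    return [row[0] for row in conn.execute(sql, (account,))]


def is_valid_account(account):
    """Reject the request before any query when the name is not a plausible
    account; a rejection here is also a cheap signal worth logging."""
    return ACCOUNT_RE.fullmatch(account) is not None
```

For the same malformed account string the interpolated query matches every row while the bound query matches none, which is the difference the fix relies on.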

Impact

Successful exploitation allows attackers to execute arbitrary SQL commands, potentially leading to unauthorized data access or manipulation in the database.

Remediation

Users are advised to update to ZenTao Biz version 6.5, ZenTao Max version 3.0, or ZenTao Open Source Edition version 16.5 or 16.5.beta1. Instructions for downloading these versions are available on the ZenTao website.

Added: Nov 13, 2025, 8:32 PM
Updated: Nov 13, 2025, 8:32 PM

Vulnerability Rating

Custom Algorithm
  spread:         0.0
  impact:         2.5
  exploitability: 9.1
  remediation:    0.0
  relevance:      1.1
  threat:         8.0
  urgency:        2.9
  incentive:      5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.