Zerowdd Zerowdd

  1. Vendors
  2. Zerowdd

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Zerowdd product.

RSS Feeds for Zerowdd security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Zerowdd products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Zerowdd Sorted by Most Security Vulnerabilities since 2018

Zerowdd Studentmanager7 vulnerabilities

Zerowdd Myblog4 vulnerabilities

By the Year

In 2026 there have been 1 vulnerability in Zerowdd with an average score of 2.4 out of ten. Last year, in 2025 Zerowdd had 9 security vulnerabilities published. Right now, Zerowdd is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 5.32

Year Vulnerabilities Average Score
2026 1 2.40
2025 9 7.72
2024 0 0.00
2023 1 5.40

It may take a day or so for new Zerowdd vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Zerowdd Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-2201 Feb 09, 2026
XSS in ZeroWdd StudentManager addLeave Reason Field A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. This impacts the function addLeave of the file src/main/java/com/wdd/studentmanager/controller/LeaveController.java. The manipulation of the argument Reason for Leave leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The code repository of the project has not been active for many years.
Studentmanager
CVE-2025-3587 Apr 14, 2025
ZeroWdd studentmanager 1.0 Remote Improper Auth via /getTeacherList A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Studentmanager
CVE-2024-13191 Jan 08, 2025
ZeroWdd myblog 1.0 Unrestricted File Upload Vulnerability A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadController.java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Myblog
CVE-2024-13192 Jan 08, 2025
Probable XSS in ZeroWdd myblog 1.0 BlogController update (Java) A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update of the file src/main/java/com/wdd/myblog/controller/admin/BlogController.java. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Myblog
CVE-2024-13190 Jan 08, 2025
XML injection in ZeroWdd myblog 1.0 BlogMapper.xml A vulnerability classified as critical was found in ZeroWdd myblog 1.0. This vulnerability affects unknown code of the file src/main/resources/mapper/BlogMapper.xml. The manipulation of the argument findBlogList/getTotalBlogs leads to xml injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Myblog
CVE-2024-13189 Jan 08, 2025
Permission Bypass in ZeroWdd myblog 1.0 via MyBlogMvcConfig A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Myblog
CVE-2024-13143 Jan 06, 2025
XSS in ZeroWdd StudentManager 1.0: submitAddPermission URL arg A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Studentmanager
CVE-2024-13142 Jan 05, 2025
ZeroWdd StudentManager 1.0 XSS via RoleController submitAddRole A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely.
Studentmanager
CVE-2024-13134 Jan 05, 2025
ZeroWdd StudentMgr 1.0 Java Unrestricted Upload via TeacherCtrl A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Studentmanager
CVE-2024-13133 Jan 05, 2025
ZeroWdd StudentManager 1.0 Unrestricted File Upload CVE-2024-13133 A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Studentmanager
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.