zeeways CVE Vulnerabilities & Metrics

Focus on zeeways vulnerabilities and metrics.

Last updated: 16 Apr 2026, 22:25 UTC

About zeeways Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with zeeways. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total zeeways CVEs: 2
Earliest CVE date: 19 Aug 2008, 19:41 UTC
Latest CVE date: 24 Mar 2026, 12:16 UTC

Latest CVE reference: CVE-2019-25636

Rolling Stats

30-day Count (Rolling): 2
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical zeeways CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.02

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	6
7.0-8.9	4
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS zeeways CVEs

These are the five CVEs with the highest CVSS scores for zeeways, sorted by severity first and recency.

CVE-2008-6912 zeeways Published on 07 Aug 2009, 19:00 UTC (CVSS: 7.5)
Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
CVE-2008-5782 zeeways Published on 31 Dec 2008, 11:30 UTC (CVSS: 7.5)
SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-4717 zeeways Published on 23 Oct 2008, 20:00 UTC (CVSS: 7.5)
SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-3706 zeeways Published on 19 Aug 2008, 19:41 UTC (CVSS: 7.5)
SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-6914 zeeways Published on 07 Aug 2009, 19:00 UTC (CVSS: 6.5)
Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile modification, then accessing a related file via a direct request to the file in companylogo/.

All CVEs for zeeways

CVE-2019-25636 zeeways vulnerability CVSS: 0 24 Mar 2026, 12:16 UTC

Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to news_details.php, jobs_details.php, or job_cmp_details.php with malicious 'id' values using GROUP BY and CASE statements to extract sensitive database information.

CVE-2019-25635 zeeways vulnerability CVSS: 0 24 Mar 2026, 12:16 UTC

Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the profile_list endpoint. Attackers can inject SQL code via the up_cast, s_mother, and s_religion parameters to extract sensitive database information using time-based or error-based techniques.

CVE-2010-2144 zeeways vulnerability CVSS: 4.3 03 Jun 2010, 14:30 UTC

Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information.

CVE-2009-4601 zeeways vulnerability CVSS: 4.3 12 Jan 2010, 17:30 UTC

Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.

CVE-2009-4316 zeeways vulnerability CVSS: 4.3 14 Dec 2009, 21:17 UTC

Cross-site scripting (XSS) vulnerability in searchresults_main.php in ZeeLyrics 3x allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2008-6915 zeeways vulnerability CVSS: 4.3 07 Aug 2009, 19:00 UTC

Cross-site scripting (XSS) vulnerability in view_prop_details.php in Zeeways ZEEPROPERTY 1.0 allows remote attackers to inject arbitrary web script or HTML via the propid parameter.

CVE-2008-6914 zeeways vulnerability CVSS: 6.5 07 Aug 2009, 19:00 UTC

Unrestricted file upload vulnerability in viewprofile.php in Zeeways ZEEPROPERTY 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile modification, then accessing a related file via a direct request to the file in companylogo/.

CVE-2008-6913 zeeways vulnerability CVSS: 6.5 07 Aug 2009, 19:00 UTC

Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/.

CVE-2008-6912 zeeways vulnerability CVSS: 7.5 07 Aug 2009, 19:00 UTC

Zeeways SHAADICLONE 2.0 allows remote attackers to bypass authentication and gain administrative privileges via a direct request to admin/home.php.

CVE-2008-5782 zeeways vulnerability CVSS: 7.5 31 Dec 2008, 11:30 UTC

SQL injection vulnerability in bannerclick.php in ZeeMatri 3.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

CVE-2008-4717 zeeways vulnerability CVSS: 7.5 23 Oct 2008, 20:00 UTC

SQL injection vulnerability in bannerclick.php in ZEELYRICS 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.

CVE-2008-3706 zeeways vulnerability CVSS: 7.5 19 Aug 2008, 19:41 UTC

SQL injection vulnerability in bannerclick.php in ZEEJOBSITE 2.0 allows remote attackers to execute arbitrary SQL commands via the adid parameter.