L3S10N

Rank #14436 of 53,634 · Total CVSS 18.6 · Vulnerabilities: 2 (1 Critical, 1 High)

PT-2024-20320 · CVSS 9.8 (Critical) · 2024-02-08
Zentao · Zentao · CVE-2024-24216

**Name of the Vulnerable Software and Affected Versions** Zentao versions 18.0 through 18.10

**Description** A remote code execution issue was discovered in Zentao's `checkConnection` method, which is implemented in the repo module's model at /app/zentao/module/repo/model.php. A request that reaches `checkConnection` with attacker-controlled input can lead to code execution on the Zentao host.

**Recommendations** For versions 18.0 through 18.10, consider disabling the `checkConnection` method as a temporary workaround until a patch is available, and restrict which accounts can reach the repo module functionality that invokes it (the model file itself is loaded by the framework, not requested directly, so the restriction has to be applied at the application or reverse-proxy level). Review access logs for calls into the repo module from unexpected accounts or addresses.

PT-2023-15472 · CVSS 8.8 (High) · 2023-01-19
Zentao · Zentao · CVE-2022-47745

**Name of the Vulnerable Software and Affected Versions** ZenTao versions 16.4 through 18.0.beta1

**Description** After logging in as any user, an attacker can construct a special request to the `importNotice` function whose parameters are interpolated into a SQL query, resulting in SQL injection. The issue is post-authentication, but any valid account, including the lowest-privileged one, is sufficient.

**Recommendations** For versions 16.4 through 18.0.beta1, consider disabling the `importNotice` function until a patch is available to prevent SQL injection attacks. Because exploitation only needs a valid login, also treat self-registration and shared or default accounts as part of the exposed surface, and watch for `importNotice` requests carrying SQL metacharacters.
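Both entries above name the method an attacker has to reach (`checkConnection` in the repo module, `importNotice`), which is enough to hunt for exploitation attempts in web server access logs. The script below is an added example and is not part of the dbugs page or of ZenTao itself. It assumes ZenTao's two URL styles, `index.php?m=<module>&f=<method>` and `/<module>-<method>[-<params>].html`; the log lines are constructed, and the module name `my` in the `importNotice` samples is a placeholder, not the real module. Every call to `checkConnection` is reported; `importNotice` is reported only when its decoded parameters contain SQL-injection markers, since legitimate users also call it.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Methods named in the two advisories, keyed to the CVE each belongs to.
WATCHED_METHODS = {
    "checkConnection": "CVE-2024-24216",  # repo module, remote code execution
    "importNotice": "CVE-2022-47745",     # authenticated SQL injection
}

# Crude SQL-injection indicators, applied to URL-decoded request parameters.
SQLI_MARKERS = re.compile(
    r"(?i)(['\"]|--|/\*|\bunion\b[\s\S]*\bselect\b|\bsleep\s*\(|\bbenchmark\s*\(|\bor\b\s+\d+\s*=\s*\d+)"
)

# Combined log format: ip ident user [ts] "VERB target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<verb>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumption: PATH_INFO style /<module>-<method>[-<dash-separated params>].html
PATHINFO_RE = re.compile(
    r"/(?P<module>[a-zA-Z]+)-(?P<method>[a-zA-Z]+)(?:-(?P<params>[^/]*?))?\.html$"
)

# Constructed sample traffic, not real log data. The "my" module is a placeholder.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Feb/2024:09:14:02 +0000] "GET /zentao/index.php?m=repo&f=checkConnection&url=git%40host%3Arepo.git HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [10/Feb/2024:09:15:40 +0000] "GET /zentao/my-importNotice.html?ids=1%27%20OR%201%3D1--%20- HTTP/1.1" 200 2048 "-" "curl/8.4"
10.0.0.9 - - [10/Feb/2024:09:16:11 +0000] "GET /zentao/index.php?m=my&f=importNotice&ids=12,13 HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
10.0.0.9 - - [10/Feb/2024:09:17:00 +0000] "GET /zentao/project-browse.html HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""


def zentao_action(target):
    """Return (module, method, decoded parameter text) for a request target, or None.

    Handles both the GET-mode (?m=&f=) and PATH_INFO-mode (/module-method.html) URLs.
    parse_qs already percent-decodes query values; dash params are decoded explicitly.
    """
    parts = urlsplit(target)
    query = parse_qs(parts.query, keep_blank_values=True)
    params = [v for k, vs in query.items() if k not in ("m", "f") for v in vs]
    if "f" in query:
        return query.get("m", [""])[0], query["f"][0], " ".join(params)
    m = PATHINFO_RE.search(parts.path)
    if m:
        if m.group("params"):
            params.insert(0, unquote_plus(m.group("params")))
        return m.group("module"), m.group("method"), " ".join(params)
    return None


def scan(log_text):
    """Return a list of findings for requests that touch the watched methods."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable combined-log line
        action = zentao_action(m.group("target"))
        if not action:
            continue
        module, method, params = action
        cve = WATCHED_METHODS.get(method)
        if not cve:
            continue
        if method == "importNotice":
            if not SQLI_MARKERS.search(params):
                continue  # ordinary use of the function; not worth an alert
            reason = "SQL metacharacters in importNotice parameters"
        else:
            reason = "call into repo checkConnection"
        findings.append({
            "line": lineno, "ip": m.group("ip"), "module": module,
            "method": method, "cve": cve, "reason": reason,
        })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"line {f['line']}: {f['ip']} {f['module']}/{f['method']} -> {f['cve']} ({f['reason']})")
```

On the constructed sample the scan reports lines 1 and 2 and stays silent on the benign `importNotice` call on line 3. The marker regex is deliberately loose; tune it against your own traffic, and pair log review with the version check, since a request that looks benign can still be a successful exploit on an unpatched instance.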