RSS   Vulnerabilities for 'Zfaka'   RSS

2022-02-21
 
CVE-2022-24553

CWE-434
 

 
An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.

 
2022-01-28
 
CVE-2022-22294

CWE-89
 

 
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account.

 


Copyright 2024, cxsecurity.com

 

Back to Top