4 matches found
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2021-26628
Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insufficient. It allows remote attackers to upload arbitrary files disguising them as image files...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2005-1512
The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files...