21 matches found
EUVD-2022-27440
Malicious code in bioql PyPI...
EUVD-2022-29433
Malicious code in bioql PyPI...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
Zfaka 安全漏洞
Zfaka is a free, secure, stable and efficient card issuance system. A security vulnerability exists in Zfaka version v.2.2.0 that could allow an authenticated attacker to execute arbitrary commands via the set password function in admin/index/email...
Zfaka SQL Injection Vulnerability
Zfaka is a card issuing system. SQL injection vulnerability exists in ZFAKA 1.43 and earlier versions, which can be exploited by attackers to complete SQL injection in the frontend and add backend administrator accounts...
Zfaka input validation error vulnerability
An input validation error vulnerability exists in Zfaka, a free, secure, stable and efficient card issuance system, which stems from the product's backend file upload function that does not validate files. An attacker could cause remote command execution through this vulnerability...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
Design/Logic Flaw
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2022-24553
An issue was found in Zfaka = 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution...
CVE-2022-24553
CVE-2022-24553 affects Zfaka
Zfaka 代码问题漏洞
An input validation error vulnerability exists in Zfaka, a free, secure, stable and efficient card issuance system, which stems from the product's backend file upload function that does not validate files. An attacker could cause remote command execution through this vulnerability...
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
Sql injection
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account...
CVE-2022-22294
CVE-2022-22294 is a SQL injection vulnerability reported in ZFAKA (ZW) versions up to 1.43. The connected records describe a frontend SQL injection that can be exploited to add a background administrator account, i.e., gain elevated access, with potential impact described as partial confidentiali...