A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account.
9.8CVSS
9.6AI Score
0.002EPSS
An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.
9.8CVSS
9.7AI Score
0.009EPSS