← Back

Zfaka

zfaka

Vendor: Zfaka Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-24553
1Zfaka Project
1Zfaka
Jun 17, 2026
Feb 21, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was found in Zfaka <= 1.4.5. The verification of the background file upload function check is not strict, resulting in remote command execution.
CVE-2022-22294
1Zfaka Project
1Zfaka
Jun 17, 2026
Jan 28, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account.