An issue was found in Zfaka <= 1.4.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
File Upload
Zfaka
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.7%
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Authentication Bypass
Node.js
Url Parse
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.2%