2 matches found
CVE-2019-16131
framework/admin/moduleccontrol.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/...
CVE-2019-16131
CVE-2019-16131 affects OKLite v1.2.25 in the component framework/admin/modulec_control.php, which exposes an Arbitrary File Upload vulnerability. A PHP file contained in a ZIP archive can be written to /data/cache/, enabling potential remote code execution or defacement depending on the environme...