6 matches found
CVE-2019-19634
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
Verot Class.upload.php Remote Code Execution (CVE-2019-19576; CVE-2019-19634)
A file upload vulnerability exists in class.upload.php. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2019-19634
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
CVE-2019-19634
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...
CVE-2019-19634
CVE-2019-19634 affects verot.net class.upload.php up to version 2.0.4 (and 1.0.3 in some builds) used in Joomla! K2 extension; it omits .pht from dangerous extensions, enabling arbitrary file upload and remote code execution. An exploit/POC demonstrates obtaining a shell via a crafted image uploa...
Exploit for Unrestricted Upload of File with Dangerous Type in Verot_Project Verot
CVE-2019-19634 - class.upload.php = 2.0.4 Arbitrary file uplo...