CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2025/05/22 10:8 a.m.•6 views

CVE-2019-19576

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

9.8CVSS6.5AI score0.50575EPSS

Exploits7References1

OSV•added 2020/02/28 1:10 a.m.•20 views

GHSA-2GC7-W4HW-RR2M class.upload.php in verot.net omits .pht from the set of dangerous file extensions

class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576...

9.8CVSS9.4AI score0.14952EPSS

Exploits3References4

OSV•added 2020/01/16 10:17 p.m.•23 views

GHSA-R5GM-4P5W-PQ2P Remote code execution in verot/class.upload.php

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

9.8CVSS9.4AI score0.50575EPSS

Exploits7References11

Github Security Blog•added 2020/01/16 10:17 p.m.•71 views

Remote code execution in verot/class.upload.php

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

9.8CVSS2.9AI score0.50575EPSS

Exploits7References12Affected Software1

OSV•added 2019/12/17 6:15 p.m.•23 views

CVE-2019-19634

9.8CVSS6.7AI score0.14952EPSS

Exploits3References3

NVD•added 2019/12/17 6:15 p.m.•11 views

CVE-2019-19634

9.8CVSS9.5AI score0.14952EPSS

Exploits3References3

Prion•added 2019/12/17 6:15 p.m.•16 views

Code injection

7.5CVSS9.4AI score0.50575EPSS

Exploits9References3Affected Software2

Cvelist•added 2019/12/17 5:11 p.m.•16 views

CVE-2019-19634

9.5AI score0.14952EPSS

Exploits3References3

OSV•added 2019/12/04 6:15 p.m.•12 views

CVE-2019-19576

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

9.8CVSS9.4AI score0.50575EPSS

Exploits7References10

Prion•added 2019/12/04 6:15 p.m.•18 views

Code injection

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

7.5CVSS9.4AI score0.50575EPSS

Exploits7References10Affected Software2

Cvelist•added 2019/12/04 5:33 p.m.•15 views

CVE-2019-19576

class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions...

9.5AI score0.50575EPSS

Exploits7References10

GithubExploit•added 2019/12/04 3:1 p.m.•99 views

Exploit for Unrestricted Upload of File with Dangerous Type in Verot_Project Verot

class.upload.php...

9.8CVSS9.5AI score0.50575EPSS

Exploits7

Packet Storm•added 2016/11/20 12:0 a.m.•39 views

Joomla K2 2.7.1 Shell Upload / Cross Site Request Forgery

K2 RCE via CSRF or WCI Information =========== Name: K2 Joomla! Extension 2.5.0 - 2.7.1 Software: K2 Platform: Joomla 3.6.2 Homepage: https://getk2.org/, http://extensions.joomla.org/extension/k2 Vulnerability: RCE, arbitrary file upload, missing CSRF protection Prerequisites: victim has to be...

0.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by