CVE-2018-12492

PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...

EUVD-2025-205516

A vulnerability was identified in 9786 phpok3w up to 901d96a06809fb28b17f3a4362c59e70411c933c. Impacted is an unknown function of the file show.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and...

EUVD-2018-11251

Malware in sbrugna...

EUVD-2018-7997

Malware in sbrugna...

EUVD-2021-20746

Malware in sbrugna...

EUVD-2024-37684

Malicious code in bioql PyPI...

CVE-2024-38953

phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-29363

Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

CVE-2020-19199

A Cross Site Request Forgery CSRF vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin=save, which could let a remote malicious user execute arbitrary code...

CVE-2018-8944

PHPOK 4.8.338 has an arbitrary file upload vulnerability...

phpok 安全漏洞

phpok is an extension-enabled enterprise website builder from the phpok team. A security vulnerability exists in phpok v3.0, which originates from an arbitrary file read vulnerability via component /autoload/file.php...

PHPOK Security Vulnerability

PHPOK is an enterprise website builder system that supports extensions. A security vulnerability exists in PHPOK version 6.4.003, which originates from the presence of a cross-site scripting XSS vulnerability...

CVE-2023-29881

phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...

CVE-2023-29881

phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...

PT-2023-11590 · Phpok · Phpok

Name of the Vulnerable Software and Affected Versions: PHPOK version 5.4 Description: The issue allows a remote attacker to obtain sensitive information via the userlist function in the framerwork/phpok call.php file. This is achieved through a SQL injection vulnerability. Recommendations: For...

CVE-2023-2888 PHPOK unrestricted upload

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was...

PHPOK 代码问题漏洞

PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to...

CVE-2021-34076

File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload...