Lucene search
K

38 matches found

CNNVD
CNNVD
added 2023/05/11 12:0 a.m.4 views

PHPOK 安全漏洞

PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.3 that stems from the presence of a Remote Code Execution RCE vulnerability...

9.8CVSS8.6AI score0.01192EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/10/18 12:0 a.m.5 views

PT-2022-25610 · Phpok · Phpok

Name of the Vulnerable Software and Affected Versions: Phpok version 6.1 Description: The issue is related to a deserialization vulnerability. It affects the framework/phpok call.php file. Recommendations: For Phpok version 6.1, consider restricting access to the framework/phpok call.php file unt...

9.8CVSS9.3AI score0.00962EPSS
Exploits1References4
CNVD
CNVD
added 2021/11/03 12:0 a.m.8 views

phpok buffer overflow vulnerability

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A buffer overflow vulnerability exists in framework/init.php in phpok version 5.1. An attacker can exploit this vulnerability to execute arbitrary code...

9.8CVSS7.8AI score0.01606EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/03 12:0 a.m.4 views

phpok directory traversal vulnerability

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A directory traversal vulnerability exists in phpok version 5.1. The vulnerability can be exploited to disclose sensitive information via the title parameter of admin.php...

7.5CVSS6.3AI score0.01607EPSS
Exploits1References1
CNVD
CNVD
added 2021/11/03 12:0 a.m.10 views

phpok Arbitrary File Write Vulnerability

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...

9.1CVSS6.9AI score0.00975EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/11/02 12:0 a.m.3 views

qinggan phpok 路径遍历漏洞

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A directory traversal vulnerability exists in phpok version 5.1. The vulnerability can be exploited to disclose sensitive information via the title parameter of admin.php...

7.5CVSS5.4AI score0.01607EPSS
Exploits1References1
CNVD
CNVD
added 2021/05/11 12:0 a.m.9 views

PHPOK Cross-Site Request Forgery Vulnerability

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A cross-site request forgery vulnerability exists in PHPOK version 5.2.060. An attacker can exploit this vulnerability by executing arbitrary code via admin.php?c=admin&f=save...

8.8CVSS7.2AI score0.00913EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/05/10 12:0 a.m.6 views

PHPOK 跨站请求伪造漏洞

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A cross-site request forgery vulnerability exists in PHPOK version 5.2.060. An attacker can exploit this vulnerability by executing arbitrary code via admin.php?c=admin&f=save...

8.8CVSS5.8AI score0.00913EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.8 views

PHPOK SQL注入漏洞

phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. PhpOK 5.4.137 suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability by injecting attachment data via SQL and then calling the attachment...

9.8CVSS5.9AI score0.01441EPSS
Exploits1References2
CNVD
CNVD
added 2020/05/19 12:0 a.m.3 views

File Upload Vulnerability in PHPOK of Shenzhen Kunshuo Technology Co., Ltd (CNVD-2020-33151)

PHPOK is a set of PHP language and MySQL database written using the enterprise website construction system. Ltd. PHPOK has a file upload vulnerability that can be exploited by attackers to gain control of the web server...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/02/25 12:0 a.m.1 views

File Upload Vulnerability in Phpok of Shenzhen Kunshuo Technology Co.

PHPOK system hereinafter referred to as OK system is a content management system for website construction developed by Shenzhen Kunshuo Technology Co., Ltd formerly known as PHPOK Studio, written in PHP, using MySQL database storage by default, and based on the LGPL open-source agreement licensed...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/01/01 12:0 a.m.1 views

Unauthorized Access Vulnerability in PHPOK v5.4.081

PHPOK system is a content management system for website construction developed by Shenzhen KunHuo Technology Co., Ltd formerly known as PHPOK Studio, written in PHP, using MySQL database storage by default, based on the LGPL open source license released to the Internet for shared use. An...

6.6AI score
Exploits0
CNVD
CNVD
added 2019/03/31 12:0 a.m.6 views

PHPOK d***.in***.php file has an arbitrary file read vulnerability

PHPOK is a set of enterprise station CMS system developed in PHP + MYSQL language. An arbitrary file read vulnerability exists in the PHPOK d.in.php file. An attacker can construct arbitrary file paths to obtain sensitive information by using a reverse-encoding method...

6.7AI score
Exploits0
CNVD
CNVD
added 2019/03/31 12:0 a.m.1 views

Stored cross-site scripting vulnerability in PHPOK up***_co***.php file

PHPOK is a set of enterprise station CMS system developed in PHP + MYSQL language. A stored cross-site scripting vulnerability exists in the PHPOK upco.php file. An attacker can insert malicious js code into the page to obtain user cookies and other information, leading to user hijacking...

6.3AI score
Exploits0
CNVD
CNVD
added 2018/12/03 12:0 a.m.3 views

PHPOK 5.0.055 suffers from a SQL Injection Vulnerability

PHPOK system is a content management system for website construction developed by Shenzhen 锟铻科技有限公司formerly known as PHPOK Studio. A SQL injection vulnerability exists in PHPOK 5.0.055. The vulnerability is caused by poor filtering of user-submitted parameters. An attacker can exploit this...

7.6AI score
Exploits0
OSV
OSV
added 2018/11/26 7:29 a.m.4 views

CVE-2018-19562

An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background Program Upgrade Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive...

8.8CVSS6.1AI score0.02214EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/03/22 9:0 p.m.34 views

CVE-2018-8944

PHPOK 4.8.338 has an arbitrary file upload vulnerability...

9.6AI score0.01205EPSS
Exploits0References1
seebug.org
seebug.org
added 2015/01/16 12:0 a.m.18 views

phpok csrf添加管理员+后台getshell

简要描述: 版本:4.2.100 看到厂商以前忽略过一个csrf。 CSRF风险在于那些通过基于受信任的输入form和对特定行为无需授权的已认证的用户来执行某些行为的web应用。已经通过被保存在用户浏览器中的cookie进行认证的用户将在完全无知的情况下发送HTTP请求到那个信任他的站点,进而进行用户不愿做的行为。 详细说明: 老问题,一直没修复。 poc: None 然后在编辑文件写入一句话木马就OK了。 文件目录 /tpl/www/ 漏洞证明:...

7.1AI score
Exploits0
Rows per page
Query Builder