257 matches found
Deserialization of untrusted data
Phpok 6.1 has a deserialization vulnerability via framework/phpokcall.php...
CVE-2022-40889
CVE-2022-40889 : Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php. Affected: Phpok 6.1 (framework/phpok_call.php). Root cause: deserialization vulnerability in the PHP code path. Impact: high confidentiality, integrity, and availability impacts per CVSS 3.1 score (9.8, C...
CVE-2022-40889
Phpok 6.1 has a deserialization vulnerability via framework/phpokcall.php...
CVE-2022-40889
Phpok 6.1 has a deserialization vulnerability via framework/phpokcall.php...
PHPOK 代码问题漏洞
PHPOK is an enterprise website builder with extension support. A security vulnerability exists in PHPOK version 6.1, which stems from a deserialization vulnerability found via framework/Phpokcall.php...
PT-2022-25610 · Phpok · Phpok
Name of the Vulnerable Software and Affected Versions: Phpok version 6.1 Description: The issue is related to a deserialization vulnerability. It affects the framework/phpok call.php file. Recommendations: For Phpok version 6.1, consider restricting access to the framework/phpok call.php file unt...
CVE-2022-29363
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
CVE-2022-29363
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
CVE-2022-29363
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
Deserialization of untrusted data
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
CVE-2022-29363
CVE-2022-29363 affects Phpok v6.1, where a deserialization vulnerability in login_control.php:update_f() allows an attacker to write arbitrary files, enabling shell access (getshell). The issue is documented with high/critical impact (C/P/I/A = high/partial/high/partial; CVSS 3.1 base score 9.8)....
CVE-2022-29363
Phpok v6.1 was discovered to contain a deserialization vulnerability via the updatef function in logincontrol.php. This vulnerability allows attackers to getshell via writing arbitrary files...
PHPOK 代码问题漏洞
PHPOK is an enterprise website builder with extended support. A security vulnerability exists in PHPOK v6.1, which originates from a deserialization vulnerability in the updatef function of logincontrol.php in Phpok v6.1, which can be exploited by an attacker to write to an arbitrary file and...
phpok directory traversal vulnerability
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A directory traversal vulnerability exists in phpok version 5.1. The vulnerability can be exploited to disclose sensitive information via the title parameter of admin.php...
phpok buffer overflow vulnerability
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. A buffer overflow vulnerability exists in framework/init.php in phpok version 5.1. An attacker can exploit this vulnerability to execute arbitrary code...
phpok Arbitrary File Write Vulnerability
phpok is a set of enterprise website system developed by Shenzhen锟絪 technology limited company using PHP+MYSQL language. An arbitrary file write vulnerability exists in the editsavef function in framework/admin/tplcontrol.php in phpok version 5.1. An attacker can exploit this vulnerability to wri...
CVE-2020-18439
An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...
CVE-2020-18438
Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php...
CVE-2020-18439
An issue was discoverered in in function editsavef in framework/admin/tplcontrol.php in qinggan phpok 5.1, allows attackers to write arbitrary files or get a shell...
CVE-2020-18438
Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title parameter to admin.php...