257 matches found
CVE-2018-16142
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
Cross site scripting
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
CVE-2018-16142
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
CVE-2018-16142
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/logincontrol.php via the back parameter to the okf function...
PHPOK Arbitrary File Deletion Vulnerability
PHPOK is an enterprise building system that supports expansion. An arbitrary file deletion vulnerability exists in the 'delfilef' function in the framework/admin/tplcontrol.php file in PHPOK version 4.9.032. An attacker can exploit this vulnerability to delete arbitrary files...
PHPOK Arbitrary File Upload Vulnerability
PHPOK is an enterprise building system that supports expansion. An arbitrary file upload vulnerability exists in the 'importf' function in the framework/admin/moduleccontrol.php file in PHPOK version 4.9.032. An attacker can exploit this vulnerability to upload arbitrary zip files...
Arbitrary file deletion
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...
CVE-2018-12491
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the importf function in framework/admin/moduleccontrol.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944...
CVE-2018-12492
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...
CVE-2018-12491
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the importf function in framework/admin/moduleccontrol.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944...
CVE-2018-12492
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...
CVE-2018-12491
CVE-2018-12491 affects PHPOK 4.9.032. The connected Red Hat entry corroborates an arbitrary file upload vulnerability in the import_f function of framework/admin/modulec_control.php, demonstrated by uploading a PHP file inside a PHP.zip archive (similar to CVE-2018-8944). The available documents ...
CVE-2018-12491
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the importf function in framework/admin/moduleccontrol.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944...
CVE-2018-12492
PHPOK 4.9.032 contains an arbitrary file deletion vulnerability in the delfile_f function of framework/admin/tpl_control.php. The issue is described across multiple sources (NVD entry CVE-2018-12492 and connected advisories) as allowing deletion of arbitrary files. The core affected component is ...
CVE-2018-12492
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...
File upload vulnerability in phpok 4.9.032
PHPOK is an enterprise building system that supports expansion. A file upload vulnerability exists in phpok 4.9.032, which can be exploited by attackers to write arbitrary files and gain administrator privileges on a website...
CVE-2018-8944
PHPOK 4.8.338 has an arbitrary file upload vulnerability...
CVE-2018-8944
PHPOK 4.8.338 has an arbitrary file upload vulnerability...
CVE-2018-8944
PHPOK 4.8.338 has an arbitrary file upload vulnerability...
CVE-2018-8944
CVE-2018-8944 is an arbitrary file upload vulnerability in PHPOK 4.8.338. The connected Red Hat entry notes a similar issue in PHPOK 4.9.032 (import_f in framework/admin/modulec_control.php) and demonstrates abuse via uploading a PHP file inside a PHP archive, but the provided documents do not sp...