257 matches found
CVE-2024-44867
phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php...
phpok 安全漏洞
phpok is an extension-enabled enterprise website builder from the phpok team. A security vulnerability exists in phpok v3.0, which originates from an arbitrary file read vulnerability via component /autoload/file.php...
CVE-2024-44867
phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php...
CVE-2024-44867
phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php...
CVE-2024-44867
Summary: CVE-2024-44867 affects phpok v3.0, with an arbitrary file read vulnerability in the /autoload/file.php component. Across connected sources (Red Hat, NVD, CVE lists, CNNVD, CVE list, vulnrichment), the description consistently states the issue is an arbitrary file read in phpok v3.0. No e...
CVE-2024-38953
phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...
CVE-2024-38953
phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...
CVE-2024-38953
phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...
CVE-2024-38953
phpok 6.4.003 contains a Cross Site Scripting XSS vulnerability in the okf method under the framework/api/uploadcontrol.php file...
CVE-2024-38953
The CVE-2024-38953 entry maps to phpok 6.4.003 with a Cross Site Scripting (XSS) vulnerability in the ok_f() method of framework/api/upload_control.php. Affected component: phpok core, file path framework/api/upload_control.php. Root cause and explicit impact are described as XSS, but the connect...
PHPOK Security Vulnerability
PHPOK is an enterprise website builder system that supports extensions. A security vulnerability exists in PHPOK version 6.4.003, which originates from the presence of a cross-site scripting XSS vulnerability...
PT-2024-28292 · Phpok · Phpok
Name of the Vulnerable Software and Affected Versions: phpok version 6.4.003 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It affects the ok f method located in the framework/api/upload control.php file. Recommendations: For phpok version 6.4.003, consider disabli...
CVE-2023-29881
phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...
CVE-2023-29881
phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...
PHPOK 安全漏洞
PHPOK is an enterprise website builder system that supports extensions. A security vulnerability exists in PHPOK version 6.4.003, which stems from vulnerability to SQL injection attacks...
CVE-2023-29881
CVE-2023-29881 affects phpok 6.4.003; the vulnerability is in index_f() within phpok64/framework/api/call_control.php, enabling SQL injection (CVE details show low confidentiality and integrity impact, no availability impact). Exploitation details are not provided. Remediation: as a temporary wor...
CVE-2023-29881
phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...
CVE-2023-29881
phpok 6.4.003 is vulnerable to SQL injection in the function indexf in phpok64/framework/api/callcontrol.php...
PT-2024-12219 · Phpok · Phpok
Name of the Vulnerable Software and Affected Versions: phpok version 6.4.003 Description: The issue concerns SQL injection in the index f function located in phpok64/framework/api/call control.php. This allows for potential exploitation of the SQL injection vulnerability. Recommendations: For php...
PHPOK SQL Injection Vulnerability (CNVD-2023-64116)
PHPOK is an enterprise building system that supports expansion. PHPOK v.5.4 suffers from a SQL injection vulnerability that originates from allowing remote attackers to obtain sensitive information via the userlist function in the framerwork/phpokcall.php file. No detailed vulnerability details a...