Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

257 matches found

NVD
NVDadded 2023/06/20 3:15 p.m.13 views

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

7.5CVSS7.5AI score0.00052EPSS
Exploits1References1
OSV
OSVadded 2023/06/20 3:15 p.m.2 views

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

7.5CVSS5.9AI score0.00052EPSS
Exploits1References1
Prion
Prionadded 2023/06/20 3:15 p.m.15 views

Sql injection

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

5CVSS7.5AI score0.00052EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/06/20 12:0 a.m.5 views

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

7.3AI score0.00052EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/06/20 12:0 a.m.1 views

PHPOK SQL注入漏洞

PHPOK is an enterprise building system that supports expansion. PHPOK v.5.4 suffers from a SQL injection vulnerability that originates from allowing remote attackers to obtain sensitive information via the userlist function in the framerwork/phpokcall.php file. No detailed vulnerability details a...

7.5CVSS7.6AI score0.00052EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/06/20 12:0 a.m.2 views

PT-2023-11590 · Phpok · Phpok

Name of the Vulnerable Software and Affected Versions: PHPOK version 5.4 Description: The issue allows a remote attacker to obtain sensitive information via the userlist function in the framerwork/phpok call.php file. This is achieved through a SQL injection vulnerability. Recommendations: For...

7.5CVSS7.3AI score0.00052EPSS
Exploits1References4
Cvelist
Cvelistadded 2023/06/20 12:0 a.m.8 views

CVE-2020-21486

SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the userlist function in framerwork/phpokcall.php file...

7.5AI score0.00052EPSS
Exploits1References1
CVE
CVEadded 2023/06/20 12:0 a.m.40 views

CVE-2020-21486

CVE-2020-21486 affects PHPOK v5.4. A SQL injection in the vulnerable function _userlist (framerwork/phpok_call.php) can allow a remote attacker to obtain sensitive information. Multiple connected sources corroborate the vulnerability and its impact as information disclosure via SQL injection. Exp...

7.5CVSS7.5AI score0.00052EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2023/06/07 2:15 a.m.11 views

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS8.9AI score0.0074EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2023/06/07 2:15 a.m.3 views

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS7.8AI score0.0074EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2023/06/07 12:0 a.m.8 views

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

8.9AI score0.0074EPSS
Exploits1References1
Cvelist
Cvelistadded 2023/06/07 12:0 a.m.10 views

CVE-2023-33601

An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file...

9AI score0.0074EPSS
Exploits1References1
CNNVD
CNNVDadded 2023/06/07 12:0 a.m.2 views

PHPOK 代码问题漏洞

PHPOK is an enterprise website building system with extended support. A security vulnerability exists in PHPOK version 6.4.100, which originates from an arbitrary file upload vulnerability. The vulnerability can be exploited by an attacker to execute arbitrary code by uploading a specially crafte...

8.8CVSS8.5AI score0.0074EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2023/06/07 12:0 a.m.2 views

PT-2023-24402 · Phpok · Phpok

Name of the Vulnerable Software and Affected Versions: phpok version 6.4.100 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability in the "/admin.php?c=upload" API endpoint, specifically the c parameter set to...

8.8CVSS8.2AI score0.0074EPSS
Exploits1References4
CVE
CVEadded 2023/06/07 12:0 a.m.57 views

CVE-2023-33601

CVE-2023-33601 describes an arbitrary file upload vulnerability in the PHPok web application (version 6.4.100). The flaw resides in the /admin.php?c=upload endpoint, allowing an attacker to upload a crafted PHP file to achieve arbitrary code execution. The provided connected documents confirm the...

8.8CVSS8.8AI score0.0074EPSS
Exploits1References1Affected Software1
CNVD
CNVDadded 2023/05/29 12:0 a.m.14 views

PHPOK Arbitrary File Upload Vulnerability (CNVD-2023-43865)

PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to...

8.8CVSS7.6AI score0.00484EPSS
Exploits1References1
NVD
NVDadded 2023/05/25 1:15 p.m.6 views

CVE-2023-2888

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was...

8.8CVSS5.8AI score0.00484EPSS
Exploits1References3
OSV
OSVadded 2023/05/25 1:15 p.m.14 views

CVE-2023-2888

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was...

8.8CVSS7.1AI score
Exploits0References3
Prion
Prionadded 2023/05/25 1:15 p.m.16 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was...

5.8CVSS8.7AI score0.00484EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2023/05/25 1:0 p.m.9 views

CVE-2023-2888 PHPOK unrestricted upload

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was...

5.8CVSS6.8AI score0.00484EPSS
Exploits1References3
Rows per page
Query Builder