SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive information via the _userlist function in framerwork/phpok_call.php file.
7.5CVSS
7.5AI Score
0.001EPSS
File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.
8.8CVSS
8.9AI Score
0.002EPSS
9.8CVSS
9.8AI Score
0.009EPSS
A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&_noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was as...
8.8CVSS
8.7AI Score
0.001EPSS
An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file.
8.8CVSS
8.8AI Score
0.001EPSS