Known Vulnerabilities for products from Phpok
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phpok".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-33601 json | An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code vi... | 8.8 - HIGH | 2023-06-07 | 2023-06-13 |
| CVE-2023-2888 json | A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /a... | 8.8 - HIGH | 2023-05-25 | 2023-11-07 |
| CVE-2022-47129 json | PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability. | 9.8 - CRITICAL | 2023-05-11 | 2023-05-17 |
| CVE-2022-40889 json | Phpok 6.1 has a deserialization vulnerability via framework/phpok_call.php. | 9.8 - CRITICAL | 2022-10-18 | 2022-10-19 |
| CVE-2022-29363 json | Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. This v... | 9.8 - CRITICAL | 2022-05-12 | 2022-05-23 |
| CVE-2021-34076 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-05-11 | 2023-05-19 |
| CVE-2020-21486 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-06-20 | 2023-06-27 |
| CVE-2020-19199 json | A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a rem... | 8.8 - HIGH | 2021-05-10 | 2021-05-18 |
| CVE-2020-18440 json | Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execute arbitrary code. | 9.8 - CRITICAL | 2021-11-02 | 2021-11-03 |
| CVE-2020-18439 json | An issue was discoverered in in function edit_save_f in framework/admin/tpl_control.php in qinggan phpok 5.1, allows attacker... | 9.1 - CRITICAL | 2021-11-02 | 2021-11-03 |
| CVE-2020-18438 json | Directory traversal vulnerability in qinggan phpok 5.1, allows attackers to disclose sensitive information, via the title par... | 7.5 - HIGH | 2021-11-02 | 2021-11-03 |
| CVE-2020-16629 json | PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attach... | 9.8 - CRITICAL | 2021-02-08 | 2021-02-10 |
| CVE-2019-16132 json | An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files ... | 6.5 - MEDIUM | 2019-09-09 | 2019-09-10 |
| CVE-2019-16131 json | framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a Z... | 8.8 - HIGH | 2019-09-09 | 2019-09-10 |
| CVE-2018-20006 json | An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=sa... | 6.1 - MEDIUM | 2018-12-10 | 2019-01-03 |
| CVE-2018-19562 json | An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a ... | 8.8 - HIGH | 2018-11-26 | 2018-12-19 |
| CVE-2018-16142 json | PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f functi... | 6.1 - MEDIUM | 2018-08-30 | 2018-10-29 |
| CVE-2018-12492 json | PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php. | 7.5 - HIGH | 2018-06-15 | 2018-07-27 |
| CVE-2018-12491 json | PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as ... | 9.8 - CRITICAL | 2018-06-15 | 2018-07-27 |
| CVE-2018-8944 json | PHPOK 4.8.338 has an arbitrary file upload vulnerability. | 9.8 - CRITICAL | 2018-03-22 | 2018-04-20 |