Vulnerabilities > Phpok > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-20 | CVE-2020-21486 | SQL Injection vulnerability in PHPok 5.4 SQL injection vulnerability in PHPOK v.5.4. | 7.5 |
| 2023-06-07 | CVE-2023-33601 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 6.4.100 An arbitrary file upload vulnerability in /admin.php?c=upload of phpok v6.4.100 allows attackers to execute arbitrary code via a crafted PHP file. | 8.8 |
| 2023-05-25 | CVE-2023-2888 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 6.4.100 A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. | 8.8 |
| 2023-05-11 | CVE-2021-34076 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 5.7.140 File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload. | 8.8 |
| 2022-05-12 | CVE-2022-29363 | Deserialization of Untrusted Data vulnerability in PHPok 6.1 Phpok v6.1 was discovered to contain a deserialization vulnerability via the update_f() function in login_control.php. | 7.5 |
| 2021-11-02 | CVE-2020-18440 | Classic Buffer Overflow vulnerability in PHPok 5.1 Buffer overflow vulnerability in framework/init.php in qinggan phpok 5.1, allows attackers to execute arbitrary code. | 7.5 |
| 2021-02-08 | CVE-2020-16629 | SQL Injection vulnerability in PHPok 5.4.137 PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path. | 7.5 |
| 2018-06-15 | CVE-2018-12491 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.9.032 PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944. | 7.5 |
| 2018-03-22 | CVE-2018-8944 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPok 4.8.338 PHPOK 4.8.338 has an arbitrary file upload vulnerability. | 7.5 |