Vulnerabilities > Phpok > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-01 CVE-2024-38953 Cross-site Scripting vulnerability in PHPok 6.4.003
phpok 6.4.003 contains a Cross Site Scripting (XSS) vulnerability in the ok_f() method under the framework/api/upload_control.php file.
network
low complexity
phpok CWE-79
6.1
6.1
2019-09-09 CVE-2019-16132 Path Traversal vulnerability in PHPok Oklite 1.2.25
An issue was discovered in OKLite v1.2.25.
network
low complexity
phpok CWE-22
6.5
6.5
2018-12-10 CVE-2018-20006 Cross-site Scripting vulnerability in PHPok 5.0.055
An issue was discovered in PHPok v5.0.055.
network
low complexity
phpok CWE-79
6.1
6.1
2018-08-30 CVE-2018-16142 Cross-site Scripting vulnerability in PHPok 4.8.278
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function.
network
low complexity
phpok CWE-79
6.1
6.1