Vulnerabilities (CVE)

Filtered by vendor Phpok Subscribe
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16142 1 Phpok 1 Phpok 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function.
CVE-2018-12492 1 Phpok 1 Phpok 2024-11-21 6.4 MEDIUM 7.5 HIGH
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php.
CVE-2018-12491 1 Phpok 1 Phpok 2024-11-21 7.5 HIGH 9.8 CRITICAL
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.