RSS   Vulnerabilities for 'Oklite'   RSS

2019-09-08
 
CVE-2019-16132

CWE-22
 

 
An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.

 
 
CVE-2019-16131

CWE-434
 

 
framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/.

 

 >>> Vendor: Phpok 2 Products
Phpok
Oklite


Copyright 2024, cxsecurity.com

 

Back to Top