RSS   Vulnerabilities for 'K2'   RSS

2019-12-17
 
CVE-2019-19634

CWE-434
 

 
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.

 
2019-12-04
 
CVE-2019-19576

CWE-434
 

 
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.

 


Copyright 2024, cxsecurity.com

 

Back to Top