Vulnerabilities (CVE)

Filtered by vendor Phpok Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-16132	1 Phpok	1 Oklite	2019-09-10	5.5 MEDIUM	6.5 MEDIUM
An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.
CVE-2018-20006	1 Phpok	1 Phpok	2019-01-03	4.3 MEDIUM	6.1 MEDIUM
An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=save (reachable via the index.php?id=book URI).
CVE-2018-16142	1 Phpok	1 Phpok	2018-10-29	4.3 MEDIUM	6.1 MEDIUM
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function.