A remote attacker can take advantage of this vulnerability to execute arbitrary code. Note that the current version of Phpok 6.1 is the latest version, but the previous version is not yet patched.
CVE-2019-5281: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5282: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5283: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5284: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5285: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5286: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5287: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5288: Remote code execution vulnerability in framework/admin/class.html.
References br
CVE-2019-5289: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
Multiple Vulnerabilities in Phpok 6.0-6.1
PHPok is a well-known open source framework for developing web applications. Its latest version (6.1) has multiple remote code execution vulnerabilities that were discovered by a team of security researchers from the Cybersecurity Institute at Fortinet's Advanced Threat Research team in 2019.
CVE-2022-40889: Remote attacker can take advantage of this vulnerability to execute arbitrary code. Note that the current version of PHPok 6.1 is the latest version, but the previous version is not yet patched.
CVE-2019-5281: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php.
CVE-2019-5282: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php
CVE-2019-5283: Remote code execution vulnerability in framework/admin/class.html.php via framework/admin/class.html.php
CVE-2019-5284: Remote code execution vulnerability in framework/admin/class.html.php via framework/ admin / class . html . php .
CVE-2019-5285: Remote code execution vulnerability in framework/admin / class . html . php via framework / admin / class . html . php
CVE-2019-5286: Remote code execution vulnerability in framework/admin / class . html . php via framework / admin /
Timeline
Published on: 10/18/2022 11:15:00 UTC
Last modified on: 10/19/2022 03:48:00 UTC