framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/.
References
Link | Resource |
---|---|
http://www.iwantacve.cn/index.php/archives/289/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2019-09-08 20:15
Updated : 2019-09-10 07:04
NVD link : CVE-2019-16131
Mitre link : CVE-2019-16131
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
phpok
- oklite