High severity8.8NVD Advisory· Published Nov 26, 2018· Updated Jun 17, 2026
CVE-2018-19562
CVE-2018-19562
Description
An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive.
Affected products
2Patches
Vulnerability mechanics
References
1- www.iwantacve.cn/index.php/archives/87/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.