Critical severity9.8NVD Advisory· Published Feb 8, 2021· Updated Jun 17, 2026
CVE-2020-16629
CVE-2020-16629
Description
PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path.
Affected products
2- PhpOK/PhpOKdescription
Patches
Vulnerability mechanics
References
1- github.com/Gh0stF/phpok_cve/issues/1nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.