VYPR
Critical severity9.8NVD Advisory· Published Feb 8, 2021· Updated Jun 17, 2026

CVE-2020-16629

CVE-2020-16629

Description

PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path.

Affected products

2
  • PhpOK/PhpOKdescription
  • Phpok/Phpokllm-fuzzy
    Range: =5.4.137

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.