← Back

K2

k2

Vendor: Getk2 • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-19634
2Getk2
Verot Project
2K2
Verot
Jun 17, 2026
Dec 17, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-201...Show more
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.Show less
CVE-2019-19576
2Getk2
Verot Project
2K2
Verot
Jun 17, 2026
Dec 4, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.