← Back

Oklite

oklite

Vendor: Phpok • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-16132
1Phpok
1Oklite
Jun 17, 2026
Sep 9, 2019
N/A· v4
6.5 MEDIUM· v3
5.5 MEDIUM· v2
An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control.php allows remote attackers to delete arbitrary files via a title directory-traversal pathname followed by a crafted substring.
CVE-2019-16131
1Phpok
1Oklite
Jun 17, 2026
Sep 9, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/.