Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by verot_project
CVE-2019-19634 (GCVE-0-2019-19634)
Vulnerability from cvelistv5 – Published: 2019-12-17 17:11 – Updated: 2024-08-05 02:25
VLAI
Summary
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/verot/class.upload.php/blob/2.… | x_refsource_MISC |
| https://medium.com/%40jra8908/cve-2019-19634-arbi… | x_refsource_MISC |
| https://github.com/jra89/CVE-2019-19634 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jra89/CVE-2019-19634"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T17:13:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jra89/CVE-2019-19634"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"name": "https://medium.com/@jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e",
"refsource": "MISC",
"url": "https://medium.com/@jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"name": "https://github.com/jra89/CVE-2019-19634",
"refsource": "MISC",
"url": "https://github.com/jra89/CVE-2019-19634"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19634",
"datePublished": "2019-12-17T17:11:29.000Z",
"dateReserved": "2019-12-08T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19576 (GCVE-0-2019-19576)
Vulnerability from cvelistv5 – Published: 2019-12-04 17:33 – Updated: 2024-08-05 02:16
VLAI
Summary
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://www.verot.net/php_class_upload.htm | x_refsource_MISC |
| https://www.verot.net | x_refsource_MISC |
| https://github.com/verot/class.upload.php/compare… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/commit/… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/compare… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/commit/… | x_refsource_MISC |
| https://github.com/getk2/k2/commit/d1344706c4b74c… | x_refsource_MISC |
| https://github.com/jra89/CVE-2019-19576 | x_refsource_MISC |
| https://medium.com/%40jra8908/cve-2019-19576-e9da… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155577/Verot… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:48.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.verot.net"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40jra8908/cve-2019-19576-e9da712b779"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-06T17:06:09.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.verot.net"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40jra8908/cve-2019-19576-e9da712b779"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.verot.net/php_class_upload.htm",
"refsource": "MISC",
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"name": "https://www.verot.net",
"refsource": "MISC",
"url": "https://www.verot.net"
},
{
"name": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"name": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"name": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"name": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"name": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124",
"refsource": "MISC",
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"name": "https://github.com/jra89/CVE-2019-19576",
"refsource": "MISC",
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"name": "https://medium.com/@jra8908/cve-2019-19576-e9da712b779",
"refsource": "MISC",
"url": "https://medium.com/@jra8908/cve-2019-19576-e9da712b779"
},
{
"name": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19576",
"datePublished": "2019-12-04T17:33:34.000Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:16:48.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19634 (GCVE-0-2019-19634)
Vulnerability from nvd – Published: 2019-12-17 17:11 – Updated: 2024-08-05 02:25
VLAI
Summary
class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/verot/class.upload.php/blob/2.… | x_refsource_MISC |
| https://medium.com/%40jra8908/cve-2019-19634-arbi… | x_refsource_MISC |
| https://github.com/jra89/CVE-2019-19634 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.269Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jra89/CVE-2019-19634"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T17:13:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jra89/CVE-2019-19634"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/blob/2.0.4/src/class.upload.php#L3068"
},
{
"name": "https://medium.com/@jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e",
"refsource": "MISC",
"url": "https://medium.com/@jra8908/cve-2019-19634-arbitrary-file-upload-in-class-upload-php-ccaf9e13875e"
},
{
"name": "https://github.com/jra89/CVE-2019-19634",
"refsource": "MISC",
"url": "https://github.com/jra89/CVE-2019-19634"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19634",
"datePublished": "2019-12-17T17:11:29.000Z",
"dateReserved": "2019-12-08T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19576 (GCVE-0-2019-19576)
Vulnerability from nvd – Published: 2019-12-04 17:33 – Updated: 2024-08-05 02:16
VLAI
Summary
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://www.verot.net/php_class_upload.htm | x_refsource_MISC |
| https://www.verot.net | x_refsource_MISC |
| https://github.com/verot/class.upload.php/compare… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/commit/… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/compare… | x_refsource_MISC |
| https://github.com/verot/class.upload.php/commit/… | x_refsource_MISC |
| https://github.com/getk2/k2/commit/d1344706c4b74c… | x_refsource_MISC |
| https://github.com/jra89/CVE-2019-19576 | x_refsource_MISC |
| https://medium.com/%40jra8908/cve-2019-19576-e9da… | x_refsource_MISC |
| http://packetstormsecurity.com/files/155577/Verot… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:48.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.verot.net"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://medium.com/%40jra8908/cve-2019-19576-e9da712b779"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-06T17:06:09.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.verot.net"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://medium.com/%40jra8908/cve-2019-19576-e9da712b779"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19576",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.verot.net/php_class_upload.htm",
"refsource": "MISC",
"url": "https://www.verot.net/php_class_upload.htm"
},
{
"name": "https://www.verot.net",
"refsource": "MISC",
"url": "https://www.verot.net"
},
{
"name": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/compare/2.0.3...2.0.4"
},
{
"name": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/commit/5a7505ddec956fdc9e9c071ae5089865559174f1"
},
{
"name": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/compare/1.0.2...1.0.3"
},
{
"name": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2",
"refsource": "MISC",
"url": "https://github.com/verot/class.upload.php/commit/db1b4fe50c1754696970d8b437f07e7b94a7ebf2"
},
{
"name": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124",
"refsource": "MISC",
"url": "https://github.com/getk2/k2/commit/d1344706c4b74c2ae7659b286b5a066117155124"
},
{
"name": "https://github.com/jra89/CVE-2019-19576",
"refsource": "MISC",
"url": "https://github.com/jra89/CVE-2019-19576"
},
{
"name": "https://medium.com/@jra8908/cve-2019-19576-e9da712b779",
"refsource": "MISC",
"url": "https://medium.com/@jra8908/cve-2019-19576-e9da712b779"
},
{
"name": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155577/Verot-2.0.3-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19576",
"datePublished": "2019-12-04T17:33:34.000Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:16:48.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}