Arbitrary Code Execution and Privilege Escalation via File Upload in PHPOK 5.7.140

Arbitrary Code Execution and Privilege Escalation via File Upload in PHPOK 5.7.140

CVE-2021-34076 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.

Learn more about our Web Application Penetration Testing UK.