class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-04T17:33:34

Updated: 2024-08-05T02:16:48.542Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2019-19576

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-12-04T18:15:16.353

Modified: 2024-11-21T04:34:58.613

Link: CVE-2019-19576

cve-icon Redhat

No data.