class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-17T17:11:29

Updated: 2024-08-05T02:25:12.269Z

Reserved: 2019-12-08T00:00:00

Link: CVE-2019-19634

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-12-17T18:15:14.870

Modified: 2024-11-21T04:35:06.080

Link: CVE-2019-19634

cve-icon Redhat

No data.