class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-17T17:11:29
Updated: 2024-08-05T02:25:12.269Z
Reserved: 2019-12-08T00:00:00
Link: CVE-2019-19634
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-17T18:15:14.870
Modified: 2024-11-21T04:35:06.080
Link: CVE-2019-19634
Redhat
No data.