← back
CVE-2019-19576

CVE-2019-19576

28Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 26%
from disclosure to weapon0 days
Published on NVDDec 4
1st PoCDec 4
exploitation probability
26%top 2% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
class.upload.php in verot.net class.upload before 1.0.3 and 2.x before 2.0.4, as used in the K2 extension for Joomla! and other products, omits .phar from the set of dangerous file extensions.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.