CVE-2019-19634

CVE-2019-19634CVE-2019-19634

verot_project / verot

Description

class.upload.php in verot.net class.upload through 1.0.3 and 2.x through 2.0.4, as used in the K2 extension for Joomla! and other products, omits .pht from the set of dangerous file extensions, a similar issue to CVE-2019-19576.

Scoring

CVSS 9.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Last modified2026-06-26
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.