Wa1Ki0G

**Name of the Vulnerable Software and Affected Versions** Phpok version 6.1 **Description** The issue is related to a deserialization vulnerability via the `update f()` function in `login control.php`. This allows attackers to write arbitrary files, potentially leading to getting shell access. **Recommendations** For Phpok version 6.1, consider disabling the `update f()` function in `login control.php` as a temporary workaround until a patch is available. Restrict access to the `login control.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.