PHPOK is an enterprise building system that supports expansion. PHPOK version 6.4.100 suffers from an arbitrary file upload vulnerability, which stems from admin.php?c=upload&f=zip&_noCache=0.1683794968 lack of valid validation of the uploaded file. An attacker can exploit this vulnerability to upload malicious files and remotely execute arbitrary code.